Former CIA Moscow station chief on U.S. cyberattack: 'This is an intelligence failure'

"We're in incident response phase ... the last place you want to be."

Updated: December 20, 2020 - 1:10am

A former senior Central Intelligence Agency official this week told Just the News that the United States is at a significant positional disadvantage following the recent major cyberattack on the country that penetrated to some of the highest levels of government. 

That attack—the roots of which extend back all the way to at least March of this year—has rocked the government and sent officials scrambling to determine the number and extent of compromised federal servers as well as the espionage agents behind it. 

Former senior CIA spy Daniel Hoffman told Just the News Editor-in-Chief John Solomon on John Solomon Reports this week that the United States is in "incident response" mode following the attack, which Hoffman characterized as "the last place you want to be."

"It looks like it was a hack from Russia's external intelligence service," said Hoffman, a former CIA station chief in Moscow. "And it looks like this was just a massive cyber attack, which began by all accounts last March. And the Russians were able to penetrate the state and local and federal governments, Department of Homeland Security, the Energy Department, [and] our National Nuclear Security Administration."

Hoffman said the hackers used a "Trojan horse back door" to pull off the hack, utilizing a vulnerability in a particular software package from a company called SolarWinds. 

"That's your weak link," Hoffman said of the private company. "If their security practices aren't good enough ... that's what happens." 

Hoffman pointed out the attack on SolarWinds was detected not by U.S. intelligence officials but by the private cybersecurity firm FireEye. 

"This is an intelligence failure, for sure," Hoffman told Solomon. "You know, the whole goal of intelligence is to detect threats ... and preempt them before they're visited on our shores. I think we'll see a real post mortem on this one, in the Congress, with lots of hearings."

"Why we didn't know about it, and why we had to wait until nine months into this to detect it through technical means, is going to be a major question for House, Senate intel committees, among others," he said.

Secretary of State Mike Pompeo said Friday that Russian hackers were "pretty clearly" behind the attack, which was carried out in part via SolarWinds's Orion software platform.

Hoffman said that there is presently "no indication whatsoever that the Russians were able to access our election infrastructure," noting that it would be "very much in Vladimir Putin's playbook" to make it seem as if he were targeting U.S. elections only to breach a different vulnerability. 

Still, Hoffman said, the Russians "vacuumed up massive amounts of protected information, not, you know, necessarily all classified, but highly valuable to them. And the question that I'm sure is being asked by my colleagues at CIA, well, how are the Russians going to weaponize it? How will they use it?"

Pointing out that "it could be worse," Hoffman said the U.S. should focus on "doubl[ing] down on all of our efforts to defend ourselves."

"And that means recruiting more sources, you know, inside Russia," he said. "That's what I'd be saying if I was at CIA."
