Special Report: Day Eight of the SolarWinds Crisis

Trump contradicts Pompeo on Russian attribution, Biden aide expects Russia will be punished, Mandia narrows attack's most severe impacts to 50 organizations, second group also targeted SolarWinds, more

The massive supply chain hack of top software vendor SolarWinds grabbed the spotlight on the Sunday news shows. Cybersecurity researchers continued to provide more useful details on the unprecedented espionage campaign the hack facilitated.

First, on Saturday, shortly after Secretary of State Mike Pompeo became the first Trump administration official to call out Russia as the source of the campaign, Donald Trump contradicted his always-unwavering supporter in a tweet saying the media exaggerated the damage, blaming other possible foes including China and falsely conflating a voting machine conspiracy theory with the SolarWinds hack.

Related: NYT > Politics, Houston Chronicle, Inquirer.com, Big News Network, CNBC Technology, South China Morning Post, Digital Journal, UPI.com, Engadget, WashingtonExaminer.com, ABC News, Wall Street Journal, ABC.net.au, CBC, France24, DataBreachToday.com, AM New York, AP Top News, Japan Today, Chinanews.net, CBSNews.com, The Guardian, VOA News, Bloomberg Politics, emptywheel, The Hill: Cybersecurity, CRN, Boing Boing, Vox, SecurityWeek, ETTelecom.com, Raw Story, POLITICO, Business Insider, Axios, rthk.hk World News, AlterNet.org, Mediaite, TIME, Mediaite

Meanwhile, President-Elect Joe Biden expects to punish Russia for its hypercharged espionage, according to Biden Chief of Staff Ron Klain. “It’s not just sanctions. It’s also steps and things we could do to degrade the capacity of foreign actors to repeat this sort of attack or, worse still, engage in even more dangerous attacks,” Klain said.

Related: Associated Press Technology, Japan Today, AlterNet.org, Raw Story, CNN.com - Politics, Business Insider, ETTelecom.com, TIME, ibtimes.sg : Top News, Vox, RT USA, iTnews - Security, Daily Mail, STL.News, Reuters: World News, Deutsche Welle, Business Insider, The Guardian, ETTelecom.com, Axios, CBSNews.com, Reuters, Sydney Morning Herald

Kevin Mandia, CEO of FireEye, the cybersecurity firm that was the first publicly identified target of the SolarWinds group, appeared on CBS News to explain the hack. In the process, he described the attack as a funnel: although it affected 18,000 organizations, it ultimately affected 50 organizations most intensely.

Related: Bloomberg, The Hill, BBC News - World

A report from Reuters’ Chris Bing, who broke the SolarWinds story (and who is now apparently asleep), says a second hacking group called SUPERNOVA also targeted SolarWinds’ products, according to sources. The second group’s malware imitates SolarWinds’ software, much like the first-known attack, but is not digitally signed, indicating that this group of attackers didn’t have access to SolarWinds’ internal systems.

Related: Reddit - cybersecurity

Bing also delivered the news that Congress is worried that a Pentagon plan to split the National Security Agency from U.S. Cyber Command could hamper the United States’ ability to respond to the attack.

An ongoing debate continued during the weekend over whether the SolarWinds hack is an attack or an act of war. Most cybersecurity experts say it’s espionage at a turbocharged level, but not an attack, and certainly not war.

And on the lighter side of a terrible situation, BugCrowd’s Casey Ellis basically said that the SolarWinds breach is the same as it ever was.
