Suspected Russian cyberattack looks like a 'dream' attack for hackers: Palo Alto CEO

The scale of a sophisticated cyberattack on the U.S. government that was unearthed this week is much bigger than first anticipated. The Cybersecurity and Infrastructure Security Agency said in a summary Thursday that the threat “poses a grave risk to the federal government.” Palo Alto Networks Chairman and CEO Nikesh Arora joins CNBC’s Jim Cramer on “Squawk on the Street” to discuss the impact of the attack and what companies have to do in order to protect themselves from bad actors. For access to live and exclusive video from CNBC subscribe to CNBC PRO: https://cnb.cx/2NGeIvi

The scale of a sophisticated cyberattack on the U.S. government that was unearthed this week is much bigger than first anticipated.

The Cybersecurity and Infrastructure Security Agency said in a summary Thursday that the threat “poses a grave risk to the federal government.”

It added that “state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations” are also at risk.

CISA believes the attack began at least as early as March. Since then, multiple government agencies have reportedly been targeted by the hackers, with confirmation from the Energy and Commerce departments so far.

“This threat actor has demonstrated sophistication and complex tradecraft in these intrusions,” CISA said. “Removing the threat actor from compromised environments will be highly complex and challenging.”

Russia accused

CISA has not said who it thinks is the “advanced persistent threat actor” behind the “significant and ongoing” campaign, but many experts are pointing to Russia.

“The magnitude of this ongoing attack is hard to overstate,” former Trump Homeland Security Advisor Thomas Bossert said in a piece for The New York Times on Thursday. “The Russians have had access to a considerable number of important and sensitive networks for six to nine months.”

Russian presidential spokesman Dmitry Peskov rejected the accusations, according to the Tass news agency.

“Even if it is true there have been some attacks over many months and the Americans managed to do nothing about them, possibly it is wrong to groundlessly blame Russians right away,” he told Tass. “We have nothing to do with this.”

The Russian Embassy in London did not immediately respond to CNBC’s request for comment.

The FBI said Wednesday it is “investigating and gathering intelligence in order to attribute, pursue, and disrupt the responsible threat actors.”

At this stage, it’s not clear what the hackers have done beyond accessing top-secret government networks and monitoring data.

Hackers also accessed systems at the National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile, according to the Politico news site, citing officials familiar with the matter.

» Subscribe to CNBC TV: https://cnb.cx/SubscribeCNBCtelevision
» Subscribe to CNBC: https://cnb.cx/SubscribeCNBC
» Subscribe to CNBC Classic: https://cnb.cx/SubscribeCNBCclassic

Turn to CNBC TV for the latest stock market news and analysis. From market futures to live price updates CNBC is the leader in business news worldwide.

The News with Shepard Smith is CNBC’s daily news podcast providing deep, non-partisan coverage and perspective on the day’s most important stories. Available to listen by 8:30pm ET / 5:30pm PT daily beginning September 30: https://www.cnbc.com/2020/09/29/the-news-with-shepard-smith-podcast.html?__source=youtube%7Cshepsmith%7Cpodcast

Connect with CNBC News Online
Get the latest news: http://www.cnbc.com/
Follow CNBC on LinkedIn: https://cnb.cx/LinkedInCNBC
Follow CNBC News on Facebook: https://cnb.cx/LikeCNBC
Follow CNBC News on Twitter: https://cnb.cx/FollowCNBC
Follow CNBC News on Instagram: https://cnb.cx/InstagramCNBC

https://www.cnbc.com/select/best-credit-cards/

#CNBC
#CNBCTV

47 Comments

  1. DJ Pomare on February 18, 2021 at 4:26 pm

    Mass shootings, Pinky power, Burning buildings, Looting and Mugging.
    Just another racist, anti-Islamic, anti-communist day in the US.
    The World should hold the US accountable for American human rights abuses at home and abroad.
    Russian Hackers looked for US intelligence but found nothing intelligent!

  2. Morotai Team on February 18, 2021 at 4:27 pm

    For sure nothing to do with Russian even if done from Russian lands the only people who benefit out of this the Israeli why because they make America have great enemies and they can control their targets Americans wake up Russia is your partner in prosperity of the world love peace prosperity together the calibrates is the Israeli defense ministry pegasos

  3. quest 77051 on February 18, 2021 at 4:28 pm

    if Russia has been in there for 9 months then they know EVERYTHING. smh.

  4. Stewart Denton on February 18, 2021 at 4:30 pm

    CAUTION THE CLAIM OF RUSSIAN HACK IS. BASELESS AND WITHOUT EVIDENCE. POMPEO SUPPORTS THE PELOSI POPULAR PLOY. CYBER SOLDIERS OF THIS CAPABILITY CAN LEAVE ANYONE’S CYBER SIGNATURES. IT WOULD BE JUST AS CREDIBLE TO SAY IT WAS THE CREW OF THE SPACE STATION.

  5. M K on February 18, 2021 at 4:30 pm

    After US election fraud, China and Iran regimes hack the USA federal agencies and also people to control the whole world!.
    The Globalists do not care about this most dangerous attack nor moving jobs to Mexico/overseas, because they think like socialists!?

  6. Daniel Le on February 18, 2021 at 4:31 pm

    TRUMP: WHAT RUSSIAN HACK? THEY DON’T HAVE TO HACK, IF THEY WANT, I’D TELL THEM ANYTHING THEY’D LIKE TO KNOW. THE HACK COULD OF BE FROM CHINA, OR, OR UNITED NATION …ECT.

  7. Holy_Bananas on February 18, 2021 at 4:31 pm

    Stop outsourcing your security to India.

  8. T airdudeusa on February 18, 2021 at 4:33 pm

    See, they should have been using PC Matic made in the USA

  9. Darren Phillips on February 18, 2021 at 4:34 pm

    PLTR is the search engine for Five Eyes. Its under their Gotham program. You can buy stock in the company that spys on you. That’s where were at.
    If George Orwell came back to life, he would have to drop acid to wrap his mind around our society.
    I read this the other day. The last few years Chinese have been buying medical/health companies which have our DNA records on file. The Chinese are building a DNA database on Americans. Not making this up.

  10. Cristian Ventura on February 18, 2021 at 4:35 pm

    Why can’t they just ctrl-alt-delete the whole system? I do it all time on Windows 10? Never on 7 ultimate. I miss so much my 7.

  11. Wolfgang Meyer on February 18, 2021 at 4:37 pm

    Trump is putins puppy. Russia needs more sanctions

  12. DJ Pomare on February 18, 2021 at 4:37 pm

    The Pentagon diverted your Covid mask money to manufacture more weapons.
    Russia and ISIS can’t believe their luck. Trump kills more Americans than them!!

  13. K Anders on February 18, 2021 at 4:38 pm

    The "UFO" video from the Navy is who is causing these problems. I strongly urge leaders to have conversations in person, or via secure landlines when possible. What is clear to me is they can disrupt ANY technology/electronics and are NOT loyal to any country. If the US or Russia or China think they will depend on their technologies, they are utterly mistaken.
    Whatever these "entities" are – they don’t care about you, me, nor anyone. They have no loyalty but to themselves and to create chaos.
    Jesus spoke of them and is the only one who can drive them out. And if you scoff at that, I can assure you, THAT (disbelief) is why you will not get rid of the threat.

  14. Alysc Studjo on February 18, 2021 at 4:44 pm

    It sounds more like these guys not only got the key to the backdoor but now "own" the company that makes the "locks"…. so even if the keys are changed it won’t make a difference?? I’m not a techy type but it really looks like these hackers did something extraordinary and had so much time undetected they gained more than Data, they learned the psychology of each entity breached. That seems more dangerous than anything else.

  15. Jeff Casey on February 18, 2021 at 4:44 pm

    Trump knows if he cracks down on Putin over this hack that Putin will release the secret recording of Kushner giving MLB permission to take out Khashoggi

  16. Daulstage Butterfly on February 18, 2021 at 4:44 pm

    He thinks that being a President is making money off of America.

  17. Chuck Below on February 18, 2021 at 4:45 pm

    This is the most relevant report out there. Lucid. Equal to the pre-Covid pandemic/ viral warfare.
    It is just the first of ‘stages of acceptance’. i.e.: The wrath has yet to come.

  18. Humberto Hernandez on February 18, 2021 at 4:48 pm

    The latest cyber attack by russia and whete’ s donald trump , what’ s going on between russia and trump

  19. Stewart Denton on February 18, 2021 at 4:49 pm

    CAUTION THE CLAIM OF RUSSIAN HACK IS. BASELESS AND WITHOUT EVIDENCE. CLAIMING RUSSIA OR ANY NARRATIVE IS FLAWED. CYBER SOLDIERS OF THIS CAPABILITY CAN LEAVE ANYONE’S CYBER SIGNATURES. IT WOULD BE JUST AS CREDIBLE TO SAY IT WAS THE CREW OF THE SPACE STATION.

  20. SSJ Carl on February 18, 2021 at 4:51 pm

    Will Joe biden hold them accountable? no of course not.

  21. laura moran on February 18, 2021 at 4:55 pm

    Just to say thank you to the best hacker on telegram @HACKWISDOM2 on telegram people are calling him I think his so legit with the best software I got 7BTC I can’t believe it

  22. Steve Wiser on February 18, 2021 at 4:56 pm

    Misdirection from China

  23. 1WithTheFlow on February 18, 2021 at 4:56 pm

    We’ve never been weaker and easier to attack. Russia did this to prove they have this country by the balls.

  24. Ssad Mo on February 18, 2021 at 5:02 pm

    Logically, there is no reason for Russia to do this at the moment if they "want to" help Trump as the lefty media claimed all years. Who would benefit the most? The deep state most likely.
    Top security system like US government, every departmental subnet has its own security protection. For an attack infiltrating multiple subnets at the same time, the attackers must know them well and have security access to all of them. It wouldn’t be surprised that the deep state and its foreign accomplices have the highest probability of achieving so.
    My logical guess is that they launched the attack in such a way that it looked like from Russia. To make it realistic, they attacked the other nations too. It would take the attention away from the CCP such that they can claim the Russian the most dangerous. It would also take the heat away from J.Biden and his picks who are closely linked to the CCP in business deals.

  25. Stewart Denton on February 18, 2021 at 5:05 pm

    CAUTION THE CLAIM OF RUSSIAN HACK IS. BASELESS AND WITHOUT EVIDENCE. CLAIMING RUSSIA OR ANY NARRATIVE IS FLAWED. CYBER SOLDIERS OF THIS CAPABILITY CAN LEAVE ANYONE’S CYBER SIGNATURES. IT WOULD BE JUST AS CREDIBLE TO SAY IT WAS THE CREW OF THE SPACE STATION.

  26. JL on February 18, 2021 at 5:05 pm

    Amazing how powerful the Russian Hackers are. How pathetic the "World Best" Cybersecurity Nation is. For 9 (nine) months, the blur blobs were snoozing in their conceit. SAD

  27. Chris Waymire on February 18, 2021 at 5:07 pm

    So I got my  second DUI while driving on post. The kicker is that I’m also active duty military. Not sure if anyone here has gone through having a DUI while in the military I’ve never been in trouble before and I am still junior enlisted on my first contract. I want to stay in but everything I’ve read in other places doesn’t make that seem too likely for me.My arresting officer even told me that because of my age, and it being my second DUI, that it will be a career killer. I became worried troubled unhappy until I stumbled across an expert professional on a reddit post..not just one person confirmed his competency and professionalism so I didn’t find it difficult believing him..I reached out and within 48 hours he got my records cleared and reinstated my licence..he is affordable and reliable..Get through with him cyberguru0101 @ g mail . com..Tell him the anonymous military guy referred..He deletes bad reputation online ..mugshot removal etc

  28. quest 77051 on February 18, 2021 at 5:07 pm

    glad Russia did not hack our nuclear subs. that will always keep them from doing something stupid.

  29. george d on February 18, 2021 at 5:09 pm

    Yet another failure for the Worst President in History!!!

  30. Stewart Denton on February 18, 2021 at 5:09 pm

    CAUTION THE CLAIM OF RUSSIAN HACK IS. BASELESS AND WITHOUT EVIDENCE. CYBER SOLDIERS OF THIS CAPABILITY CAN LEAVE ANYONE’S CYBER SIGNATURES. IT WOULD BE JUST AS CREDIBLE TO SAY IT WAS THE CREW OF THE SPACE STATION.

  31. Dominic Adam on February 18, 2021 at 5:10 pm

    At times like this you gotta stay ready, tryna secure and protect yourself from hacks like this, contact fostercodes1 on iG, a professional hacker who has been hacking for 10 years

  32. gelasio88 on February 18, 2021 at 5:10 pm

    cnbc – So how bad they they hack us, and how exactly does that impact us?
    guest – yes

  33. Stewart Denton on February 18, 2021 at 5:11 pm

    CAUTION THE CLAIM OF RUSSIAN HACK IS. BASELESS AND WITHOUT EVIDENCE. POMPEO SUPPORTS THE PELOSI POPULAR PLOY. CYBER SOLDIERS OF THIS CAPABILITY CAN LEAVE ANYONE’S CYBER SIGNATURES. IT WOULD BE JUST AS CREDIBLE TO SAY IT WAS THE CREW OF THE SPACE STATION.

  34. UnderSiege 2020 on February 18, 2021 at 5:11 pm

    Thanks CNBC for the great progressive news reporting. For many this is hard to process. Hackers began in March 2020.
    Reuters was the first to report it on Monday 12/14. Solarwinds main shareholder is Silver Lake Partners. A China based Investing firm. Solarwinds sold $286 mil of stock before announcing a new CEO and disclosed the attack. If Russia can hack 18,000 corporations and the government of 8 countries they could of easily hack an election. If Russia loves Trump how did Biden win ?

  35. laura moran on February 18, 2021 at 5:12 pm

    Just to say thank you to the best hacker on telegram @HACKWISDOM2 on telegram people are calling him I think his so legit with the best software I got 7BTC I can’t believe it

  36. DJ Pomare on February 18, 2021 at 5:13 pm

    Huawei 5G and TikTok or the US old WWII 5 eyes spy network, Google, Facebook and Twitter?
    USA 324,473 UK 67,401 Canada 14,215 Australia 908 NZ 25 China 4,634.
    China – 5G Cities. Japan – Flying cars. USA – Trump.

  37. ozz lugo on February 18, 2021 at 5:13 pm

    The government spy against us with our own money, now they got a taste of their own medicine.

  38. Richard Burns on February 18, 2021 at 5:14 pm

    A group from Russia named Cosy Bear did this .. and they have a history of hacking !!

  39. John Dunn on February 18, 2021 at 5:15 pm

    "Don worry aboudit." The putinRump confederacy says.

  40. Radical Niner on February 18, 2021 at 5:16 pm

    I resigned ten years ago from working for IT corporations because of neglect of security and protocols for the sake of maximizing profits and shrinking dudgets. The CEO’s and Execs don’t give a damn about longterm consequences for their actions. They can’t see beyond this quarter and next financials. They axe key people who keep information and infrustructure safe. EVERYTIME I HEAR ABOUT A BREACH, I DON’T GET SURPRISED. MY HEART ACHES BECAUSE PEOPLE LIKE ME FIND OURSELVES HELPLESS. WE SAW THE PROBLEM BUT NO ONE WANTED TO HEAR US. IN FACT, WE GOT BULLIED AND SILENCED. WHEN YOU PUT PROFITS OVER SECURITY, EXPECT TO GET HACKED AND EVEN WORST. MY NIGHTMARE IS IF SOME CYBER TERRORIST CAN HIJACK WEAPON SYSTEMS OR CRIPPLE KEY INFRASTRUCTURES.

  41. F D on February 18, 2021 at 5:16 pm

    I love the new wave of McCarthyism as if an economy smaller than that of Italy poses a real threat. Meanwhile you have the literal upcoming super power that has literally stated their interior to surpass us. Engages in genocide, utilizes all out ware fare, and has literally been caught in Australia for installing menturian candidates, manipulating elections in Taiwan and whose military will one day surpass the US, this country has literally been caught with thousands of spies in the US this year alone, where are the Russian spies. Oh right trump is the Russian spy according to the ever intelligent and rational average American.

  42. Morotai Team on February 18, 2021 at 5:17 pm

    Pegasos (click zero)

  43. incipidsigninsetup on February 18, 2021 at 5:21 pm

    The President thinks it’s no big deal.

  44. Lilian on February 18, 2021 at 5:22 pm

    Biggest surprise for me here is that the Fox guy works for CNBC now 🙂

  45. M K on February 18, 2021 at 5:23 pm

    All Chinese specialists should be sent back from Silicon Valley. They had trained them to make it: Cyberattack.

  46. Dsri Sub on February 18, 2021 at 5:24 pm

    Generally there are no checks before a patch is launched. Patches short circuit the code reviews and unit testing and integration testing of the deployed code until it comes as a mainstream feature. This means solar winds never took this patch and implement it into product through a full cycle for long. Dev sec ops should have been in place.

Leave a Comment