Billions Spent on U.S. Cyberdefenses Failed to Detect Giant Russian Hack

He called for the government to declassify what it knows, and what it doesn’t know.

On Wednesday morning, Senator Richard J. Durbin, Democrat of Illinois, called the Russian cyberattack “virtually a declaration of war.”

So far, though, President Trump has said nothing, perhaps aware that his term in office is coming to an end just as it began, with questions about what he knew about Russian cyberoperations, and when. The National Security Agency has been largely silent, hiding behind the classification of the intelligence. Even the Cybersecurity and Infrastructure Security Agency, the group within the Department of Homeland Security charged with defending critical networks, has been conspicuously quiet on the Russian mega hack.

Mr. Blumenthal’s message on Twitter was the first official acknowledgment that Russia was behind the intrusion.

Trump administration officials have acknowledged that several federal agencies — the State Department, the Department of Homeland Security, parts of the Pentagon as well as the Treasury and the Department of Commerce — had been compromised. Investigators were struggling to determine the extent to which the military, intelligence community and nuclear laboratories were affected.

The same questions are being asked inside many Fortune 500 companies that use the network management tool, called Orion and made by the Austin, Texas-based company SolarWinds. Los Alamos National Laboratory, where nuclear weapons are designed, uses it, as do major defense contractors.

“How is this not a massive intelligence failure, particularly since we were supposedly all over Russian threat actors ahead of the election,” Robert Knake, a senior Obama administration cyberofficial, asked on Twitter on Wednesday. “Did the N.S.A. fall in a giant honey pot while the S.V.R.” — Russia’s most sophisticated spying agency — “quietly pillaged” the government and private industry?

Of course, the N.S.A. is hardly all-seeing, even after placing its probes and beacons into networks around the world. But if there is a major investigation — and it is hard to imagine how one could be avoided — the responsibility of the agency, run by Gen. Paul M. Nakasone, one of the nation’s most experienced cyberwarriors, will be front and center.

http://platform.twitter.com/widgets.js