terms of routine or just really off the charts. >> well, it appears this is the work of the russian svr. they are the russian group that collects intelligence against foreign targets and their primary foreign target is the u.s. government and u.s. high-tech firms. this is very, very damaging braef breach of those systems and networks that if you're able penetrate them you have access to troves of information. this seems creative and successful attack. it went after so many government departments and agencies as well as private firms. as it was pointed out, the duration and the ability to extract information out of it and defeat what's called the einstein sensor system which is designed to detect the extraction of information to different ip addresses that could be those mechanisms that russians used to get information out. as nicole said, this is intelligence collection activity but i wouldn't take great comfort in just thinking that the svr, which is traditionally intelligence collection agency will not be potentially used to deploy malware that could lie silent for a while that could

first is, again, the russians, the svr are very, very good at what they do.supply chain compromise, this third-party trusted supply chain attack, that is a particularly hard attack vector to defend against. the third is that the federal civilian agencies, the 101 civilian agencies are not really optimized for defense right now. what that means is there is a lot of old, antiquated, legacy i.t. systems that are hard to defend. plus, the authorities are not in place for teams to get out there and aggressively root out adversaries. now, there is a provision in the national defense authorization act, the annual defense bill sitting on the president's desk waiting for his signature, that would give my old agency the authorities to go out and really aggressively hunt and look for these adversaries and that's what we are going to have to do to get certainty to the other side of this, is really deep diving into these agency systems looking for the russians and going hand-to-hand combat to get them out of the systems. >> was this a failure of sisa, a failure of u.s. cy

have no reason to doubt, this is totally consistent with the kind of activity you have seen from the svre voices who are saying that china had anything to do with it. alex stamos there. president—elect joe biden has chosen congresswoman deb haaland to be the next secretary of interior. if confirmed by the senate, she would be the first indigenous american to serve as a cabinet secretary. speaking earlier, she said her nomination was a profound moment, given that a previous interior secretary once proclaimed that his goal was to "civilize or exterminate" native americans. i am proud to stand here on the ancestral homeland of the lenape tribal nation. the president—elect and vice president—elect are committed to a diverse cabinet and i am honoured and humbled to accept their nomination for secretary of the interior. growing up in my mother's pueblo's household made me fierce. my life has not been easy. i have struggled with homelessness. i relied on food stamps and raise my child as a single mum. these struggles give me perspectives though so that i can help people to succeed. sarah deer i

have no reason to doubt, this is totally consistent with the kind of activity you have seen from the svr credible voices who are saying that china had anything to do with it. alex stamos. a uk government source has said there will be no trade deal with the eu unless there's a "substa ntial shift" from brussels in the coming days. saturday was dubbed fish day by negotiators in brussels, who are racing against the clock to try to solve one of the most thorny issues left on the table. it's understood a decision might be reached before christmas. but uk sources say it is increasingly likely the uk will leave with no deal. our political correspondent nick eardley has the details. the view in london is that there is going to have to be a decision in the next few days before christmas, and it is a big call for borisjohnson again over whether he signs up to this trade deal. there are two things in particular on which the talks are stuck. one is state subsidies. that is the extent to which governments can pour money into domestic industries to try to give them some sort of advantage in competitio

the svr is like a cap pelscalpe if you look at the ways they controlled the network, it was really subtlelooking forward, you have a president who's making clear he's not going to be doing anything in the 30 days that he is still in office on this. i'm curious if you think how critical these 30 days could be and how critical timing is. but even looking forward, we heard the incoming chief of staff, ron klain say this is going to go beyond sanctions we'll take on things to degrade the capacity of foreign actors to repeat this type of attack. i'm curious to what you think that would be? >> the next 30 days are critical. the last two weeks are critical. the russians know we know, and they're likely cleaning up their tracks at the different victims. so the first couple of days of an incident response like this are really important that's the time you can greez things in place, you can gather up data before it's been deleted and be confident you have caught everything. the longer we go from the initial announcement, the harder and harder it's going to be to find the back doors planted in these

why are the experts so sure that this is in all licklihood russia and the particular russian group svr>> it's a great question. part of this, at least that we know about, has to do with the tactics, the patience, the time and resources that were required, which, as one cybersecurity expert outside of the government who looks at state-run acts, said excludes 97% of the hackers who are out there. so that's number one. number two is they used some techniques that we have seen russians use before and this group used before. but i have to say i have checked with a broad variety of people inside and outside of the government, and they are all honing down on the same group. it could turn out a few months from now that it was a different russian group. i guess it could turn out that it was the chinese instead of the russians, but it seems unlikely based on everything we know right now. >> david, let me ask you about a contrast, which is that a lot of the administration, the homeland security agency, others, experts all seem very, very perturbed about this. the one person who does not seem that

president putin commemorated the 100-year anniversary of the founding of the svr and he said keep upood work. what message does this send to vladimir putin and to adversaries around the world when you have a president of the united states send a tweet like he did? >> well, i think what you said startled me. are you saying that trump said to putin in effect, keep up the good work? >> no, vladimir putin today in russia was commemorating the 100-year creation of the svr and in a speech, he told them, keep up the good work. but, of course, this happens just days after it is announced here that we have been victim to the largest cyberattack in u.s. history. >> well, you're right, there are so many of these crises that are coming along and they're being chucked into the future for joe biden to solve. we know from all sorts of reporting that's been done and, you know, what came out of pompeo, secretary of state, that the russians are behind this huge invasion of our data systems. and everybody who knows anything about this is saying how dangerous it is and yet the president has come out and

i think the svr they're the best of the best out there.hat there are probably other software companies that have been compromised and in fact my old agency issued a report to that effect just the other day that we are looking for other ones and supply chain compromises are particularly hard to defend against. >> the cyber attack is ongoing since at least march we are told. in fact, a private cyber security firm. chairman adam schiff said agencys have to answer quote why didn't you catch this. you were the head of one of many agencies in charge. why didn't you catch this? >> as i already said i think there are three contributing factors. the russians are very, very good at what they do. the second is this supply chain compromise, this third party trusted supply chain attack, that is a particularly hard attack vector to defend against. the third is that the federal civilian agencies, the 101 civilian agencies are not optimized for defense an enthere's old legacy i.t. systems that are hard to defend and the authorities are not in place for te

officials say they do not know what information was stolen, but they say they are tying it to russia's svr intelligence agency. >>doctor deborah birx the white house is covid coordinator is announcing today, she's planning to retire. perks telling the news outlet newsy the scrutiny from her role was overwhelming for her and her family in very difficult to the news comes after she but lockdown guidelines and then travel out of state to be with family for thanksgiving. berks will first help president elect biden's transition team before she retires coming up the justice department is suing retail giant wal-mart ♪ no, no no. let's show 'em how it's done, becky g. ♪ it's the brand new chicken dance song uh ♪ ♪ get down heat it up like a sauna ♪ ♪ spin around one time if you wanna ♪ ♪ wings up stretch em out put it on 'em ♪ ♪ get up now ♪ get down uh ♪ cluck cluck when you hear the sound uh ♪ new chicken dance new chicken sandwich my juicy, thickest fillet yet. my cluck sandwich combos. only at jack in the box. >>the justice department is suing walmart over its alleged role in the opioid crisis

fired pointed out to jake tapper yesterday, said this was likely carried out by their intelligence arm svr don't usually work with the gru or fsb, other arms in russia so you don't have to worry about that. it's finding intel about future diplomat iic efforts, et cetera. why wouldn't the three arms work together beyond their competitive nature? >> well, chris was pointing out a very good point, which is that the russian intelligence arms do not play well together, and that plays for our advantage. in the 2016 election it was the sbr same group to break into the democratic national committee but the gru the next year when they broke in that made everything public. so one hopes this is just an intelligence operation, and if so, it's bad enough, and we need to understand it. what we're trying to make sure is that it doesn't go further than that, and that they haven't planted basically small time bombs here that could be set off elsewhere. >> okay. so let's talk about what the incoming biden administration needs to be ready for, because finally, mitt romney is getting the credit he deserves fo

the russian svr will surely exploit to gain control of the networks it considered purity targets.he hackers will have long ago moved past their entry point, covered their tracks and gained what experts call persistent access, meaning the ability to control networks in a way that is hard to detect or remove. the pentagon appears to have avowedded any harm to their network, they say there is no evidence of compromise in their systems. little bit of good news there, lou. lou: it is. it's news that personally i can tell you i have great doubts about because every expert we've talked with thinks this is the most severe attack in our country's history. were not responded to those private -- we have not responded to those previous attacks, and as senator rick scott was saying, lucas, it doesn't sound like -- as he is urging a response, there doesn't sound like there will be much of one. your thoughts? >> reporter: senator scott was very clear, he said in the past there hasn't been a responsive course in the past, iran or other countries have hacked into the united states. it took some ti

this has all the hallmarks of a sophisticated operation, probably carried out by the svr, the foreignelligence units of the russian intelligence services. willia this is self-evident to people like you in your field, but help us understand what the russians gain from this. fiona: this is classic espionage, an attack on cybersecurity systems. back in the old days, they would have executed it a different way , by having people infiltrate to extract information. now with the internet and so much data on large systems, it gives all kinds of opportunities to penetrate information on a scale we never had before. this isn't something we should be particularly surprised about. it is disturbing and troubling, but it is not out of the ordinary in any way whatsoever. william: given that this is classic tradecraft, this is something that superpowers do to each other, i'm sure we are doing something similar to the russians or trying to, is there any sense that there is we could have done that would have deterred this behavior? we saw the obama administration struggle in 2016. we've seen the trump'

many cyber security experts say there is no question russians born intelligent service, the svr, is behindere's a lot more that we do not know that we do know. stroke remains unknown how much damage continues to be done to the most sensitive computer systems, including the department of energy's national nuclear security and ministration, which manages the nuclear weapons stockpile. and assessment by the believe is cautiously hopeful that the malware has been isolated to business networks only and has not impacted the mission essential national security functions. made romney is baffled by the continued silence from the white house . >> is cyber hack of this nature is the modern equivalent of the russian bombers reportedly flying undetected over the entire country in the setting, not to have the white house aggressively speaking out and protesting and taking action is quite extraordinary. >> reporter: one of the questions about the hack, how deeply embedded is it and you hackers have enough control over some systems that they can hijack them to spread this information in order to advance t

it's the work of svr, also known as cozy bear. the persistent question with this president is why does he keep cozying up to the russians? why does he not want to call them out? why does he not want to make them pay a cost for this attack? i'm glad that joe biden has already made it clear that in his administration, there will be a cost, including sanctions, and we are going to make cyber security a top priority because this is a massive attack, fred. and the attack is persisting. it's even continuing today. and so we have to take this very seriously. >> what do you wish the response would be to this cyber attack? >> i think we have to do a couple of things. first, we have to hunt for the malware that's embedded within our cyber infrastructure, get rid of it, stand up new clean systems. two, we have to pass this ndaa, which the president, by the way, has threatened to veto, which gives the dhs, the department of homeland security, new authorities to keep our cyber infrastructure clean. and then third, and this is very important, w

this point, as far as i know, this is strictly an espionage thing where the russians, presumably, the svrr foreign intelligence service, which is very sophisticated, has gone through the entre, a conduit of one software company. one question that comes to my mind is how many other software companies might they be doing the same thing? and to this point, they haven't done any damage, which would really constitute a pearl harbor, and by that i mean deleting data or, perhaps even worse, manipulating it to alter its fidelity so you can't trust it. so this is hugely damaging and hugely disturbing. and, of course, not surprisingly, our president has been silent on this issue, and he has never, in his four years as president, blamed putin or russia. >> you talked about how this was a failure. how so? >> well, it wasn't detected. what has been said publicly is that this has been going on until at least last march. and, of course, we've been preoccupied with other things, the pandemic, election security, and so it was completely missed, apparently. that's very disturbing. it proves a point, though

engaged in the private sector in cybersecurity so the apt-29 has all the signatures and that's the svre russian intelligence service fingerprints all over it. so two things that they have to look at now, and, by the way, talking to some folks yesterday it's bad, but it's also getting worse. they're finding other areas, other entry points and more government agencies that may have been impacted. so what you see this mad scramble is, jim, is saying, okay, now they're in, are they trying to just steal things and they did set it up for exfiltration of data meaning they had outside servers that were going to send data, too, to get back to russia. remember in june they were trying to steal covid-19 -- so we know they have the capability. the other is were they trying to cause some destruction or disruption in some of these systems. so there is a lot going on, these folks are actually up to their eyeballs trying to figure this out and that's just the government side. as you pointed out earlier, the private sector has a lot to lose in this as well and that is exactly what i think people are tr

this is the russian external svr intelligence agency, almost like the cia of russia.s is a much more elegant attack. so we don't know the extent of what's happened here. it's been almost six months before we even found out what happened. it's going to take us literally years and going through these networks and rebuilding these networks to find out how much stuff was left behind. they may have just been looking to get inside and steal information, basic espionage, or putting behind land mines and the ability to alter and change data. >> so the president has been silent thus far. they said he's been briefed but haven't said anything. mitt romney weighed in and here's what he said. >> this is an attack on america, which puts us at extreme vulnerabili vulnerability. and it's important to send a clear message, this is not something we will tolerate. >> so why do you think the president has been silent? >> frankly, the president has been silent for four years on russian activity. they did things -- there's been reports of bounties on our troops in afghanistan. they've atta

so the russian spy agency that is believed to have carried out this hack is the svr, the equivalent ofthey have not had a habit of doing that kind of thing. it's the other intelligence agency, the gru that did that hack and dump operation in 2016. but what experts say is there's nothing to prevent vladimir putin from deciding, okay, now that i'm in these networks, let's make use of this information to do these kinds of dirty tricks. that's the real worry here. that and manipulating data and just all kinds of mischief that they can do once they've gotten acre it success to these congratulations and government agencies, katy. >> ken dilanian, thank you very much for trying to shed some light on all of this. we appreciate it. >>> and still to come, conspiracies that were once on the fringe are now at the forefront of one of our major political parties. coming up, an unsettling look at what is going on from somebody on the inside. >>> first up, though, scared, alone, and still the most at risk of dying from the virus. for nursing home residents, the vaccine can not get there soon enough. >

now, a few years ago, you'll remember in the obama administration, the svr, the same cyber hacking unite department, i think the office of personnel management, and several otherdepartment, the office of personnel management and several other u.s. federal organizations. at the time, the question is what should we do in retaliation and the determination made them was look, they weren't doing any disruptive, they were just spying. every government in the world spies on each other, so let's not raise too much of a fuss. but now, you have seen, you know, the russians they like to escalate when they're not pushed back against, when there's not any kind of retaliatory measures taken. the only thing i can recall happening before the 2020 election, "the new york times" reported that basically, washington told moscow, if you do anything like you did in 2016, meaning not just steal information but then try to sway the electorate by using the hack and leak allegations we'll shut down the power grid in moscow. it was to secure and to safeguard our election which as mr. krebs pointed out it was a se

come out and publicly attributed the attack to the russian state-sponsored government, the russian svr, you know, this considerably in the past has taken a long period of time to actually complete, if you look at the 2016 election, it took eight, nine months for the administration to come out and actually say it was russia, for the north korea attack against sony, it took almost a year. so, these kinds of public attribution, especially a nation state calling out another nation state for an attack is a considerable first step, and they did it in record time. >> and robert, senator chris coons spoke to our andrea mitchell earlier this week about this and how concerning it is. listen here. >> it's pretty hard to distinguish this from an act of aggression that rises to the level of an attack that qualifies as war. this is as destructive and broad-scale an engagement with our military systems, our intelligence systems, as has happened in my lifetime. >> all right, so, you've served on multiple military cyber defense teams. should the u.s. take this as an act of war? >> so, calling it an act

fingerprints of what's called apt29 which is a set of attacks that have been linked to the russian svrs essentially their cia, their foreign intelligence service, one of the successors of the kgb. so i suspect we have the evidence. your point, andrea, is we don't yet fully know the extent of the damage. we don't know whether this is russia lying in wait to destroy our infrastructure in the event of some conflict with us. the key challenge for the biden team will be, how do we reestablish deterrence with russia? obviously we don't want a full scale military disruption with russia, we have areas we have to cooperate with them, like climate change. we have to reestablish deterrence, we have to rejoin our atlantic allies, we have to show russia there will be real, significant costs for their attacks. i think trump requested cyber hacking from russia, he welcomed it, he benefitted from it, and i think he's rewarded it. >> and this as the white house, the nsc, homeland, and the pentagon are hollowed out, purged of cyber experts and other policymakers who could have been the kind of veterans

in fact, the russian version of the cia, the svr, that broke into both the treasury and commerce departmentsnd potentially other government agencies as well as private entities. we reported last week that this same agency hacked the private cybersecurity company fireeye, which plays a huge role in defending both government and private networks. so the u.s. government is scrambling right now. this is not unprecedented. this same agency broke into the white house and the state department back in 2015. but this is considered one of the biggest breaches of u.s. government networks in some time. my source does say that as far as we know right now, no classified networks have been penetrated, but nonetheless, just gaining access to the email accounts of people at treasury and commerce gives the russians a lot of valuable information that they can use in this ongoing covert war against the united states. >> can you share how long this has been going on because apparently this has been going on for perhaps weeks if not months. can you talk a little bit about that timeline? >> yes. my source familiar

york times," uses it, was basically invaded by a group of hackers, who we believe are linked to the svrgence agency. and they got into the update system. think about the way that your phone updates overnight, you know, when you plug it in. and of course, when that happens, you don't go and look at all the code that apple or someone else just put into your phone. well, the russians go into this update system and then companies, government agencies, downloaded it. and that was in march. and then once you're in the software base, you can sort of bore in and go laterally anywhere you want. so what we've heard from the energy department and we've heard similar things from treasury and commerce and so many others, the fact of the matter is that they're all telling me that they don't really know. and they don't know that this is just espionage. >> well, it's also remarkable that this happened in march. and we're just finding out about it now. how concerned should we be about that? well, it's even worse than that. it happened in march. we're only finding out about it now. and we're only finding

it is the svr, which is their foreign intelligence unit, much like what was known before as the kgb that engaged. this has been going on since march. they had planned this much earlier than that. they took advantage of our focus on the coronavirus, and what is truly traumatizing, and should be traumatizing to all americans, is we don't know the extent. they have penetrated these networks. we don't know if they're just occupying space there or if they're in a position to control them. the fact that the president has not come out and castigated russia and putin speaks volumes about the man. he haas never been the president of the united states. he has been the president of the trump organization. his interests always go there first. >> congresswoman, good to see you, as always. congresswoman jackie speier, a member of congress from northern california. >>> it's just 30 days until joe biden is sworn in as the next president of the united states. today, he's going to get his first dose of his covid vaccine on camera. just ahead, how the incoming administration is already working to shore up

. >> it is david that was my question tom bossert, homeland security a adviser to trump, the svr, thessians, will have used it to further exploit and gain administrative control over the networks considered priority targets. are we going to keep learning more and more with each day and each week? at what point do we feel like, okay, we really actually any what they know >> well, if you see every organization, which is in our industry, cybersecurity, alarger organizations are putting out statements we have to work together to figure out the extent of this damage. as well as go to larger extent to protect ourselves i think it is incumbent upon every organization, who deploys, to make sure, a, are they safe, were they impacted, and, b, are they prepared in the future if something like this happens? enterprise is being run because of the digital economy, you've seen that with the pandemic. it is imperative we all protect ourselves and make sure this doesn't happen i think the effects of this are far reaching >> what does it mean i'm always curious, you got to try to figure out how far the

boy, the gru and the svr read that tweet and they think what? >> well, vladimir putin has always been one to want some, albeit, not so plausible deniable for his spying and fascinations operations. he does that because he does at theened want us to know it was the kremlin that was responsible, but at the same time he doesn't want us to enact retributions whether it be sanctions or policy measures to hold him accountable. in this case, i think that secretary pompeo's assessment is correct, it's also worth highlighting, that secretary pompeo was the director of the cia and he knows the russia target extraordinarily well and all indications this is the fcr with advanced persistent 29, also known as cozy bear, conducting this a. leland: when you think of this as a spying rather than a military operation, it perhaps changes things a little bit. the history of u.s.-russia spy relationship. gary powers, anna chapman, we refer in 2010, the cuban missile crisis, robert hanson and atomic spies, during the development. atom bomb and the manhattan project.

attack trace back to a.p.t. 29 and that is advanced participate troop 29 closely linked to the russia's svr kgb. so this is appearing to be a kremlin directed cyber attack against the u.s. government and it is going to take weeks, if not months, nicolle, to do the full damage assessment to figure out exactly what russia knows, when they did start knowing it and how are we ever going to get them off the network if they're watching the emails of the i.t. professional whose job it is to defend america. >> so jeremy, you've been the chief of staff at the pentagon and the cia. obviously in recent decades we've turned a lot of our defenses to protecting the space. obviously not adequately. what does it say to you that the pentagon, this new team, donald trump ousted the old folks, put in a new team and it is unclear for weeks now why. why do you think they paused their transition conversations with the biden team? >> well i'm not sure there is a connection between solar winds and the breach in the pause and let me offer, number one, with respect to the transition pause, don't be fooled. this is a

in this case again it's the svr and they conduct espionage.ssified can be of great value. that's what they vacuumed up here quite successfully. >> trace: i have to go, dan. we keep saying russians. it looks like the prime likely suspect. do you agree the russians? >> yeah, yeah, it's vladimir putin running another effective cyber operation. hypocritical that he was suggesting a cyber working group where we cooperate at the summit with president trump a couple years ago. >> trace: thank you, sir. >> sandra: house democrats meanwhile passing over alexandria ocasio-cortez for a coveted committee spot. who was chosen instead? and breaking news just now forced to issue a major retraction on a high-profile story. now admitting it was all one big lie. what we're talking about. we'll have it for you next. interest rates have dropped to record lows. one call can save you $3,000 a year. newday's va streamline refi lets you refinance without having to verify your income, without getting your home appraised, and without spending one dollar out of pocket t