Lawmakers on both sides of the aisle criticized President Trump for his ongoing silence on the massive suspected Russian hack of federal agencies this week, and urged him to sign the annual defense funding bill into law to take action immediately.
“It is extremely troubling that the President does not appear to be acknowledging, much less acting upon, the gravity of this situation,” Senate Intelligence Committee Vice Chairman Mark Warner (D-Va.) said in a statement released Friday, accusing Trump and his administration of not taking the breach “seriously enough.”
As of Friday, almost a dozen federal agencies had reportedly been breached as part of the fallout from the nation state hack of IT company SolarWinds, which estimates around 18,000 of its customers have been compromised since March.
Agencies impacted include the Commerce, Homeland Security, State and Treasury departments, along with the Energy Department’s National Nuclear Security Agency.
The Trump administration has taken steps to begin immediately responding to the breach, including standing up a cyber coordination group composed of the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Office of the Director of National Intelligence. Trump’s national security adviser Robert O’Brien also cut short a trip earlier this week to return to the U.S. and address the crisis.
However, despite reportedly being briefed on the issue, Trump himself has not yet addressed the breach, which is already being hailed as one of the largest cyber espionage incidents in U.S. history. His silence became more noticeable Thursday, when President-elect Joe Biden put out a statement vowing to make responding to the breach a “top priority” once in office.
“An incident of this magnitude and lasting impact requires an engaged and public response by the U.S. government, led by a President who understands the significance of this intrusion and who is actively marshaling a domestic remediation strategy and an international response,” Warner said.
Warner’s comments came the day after Sen. Mitt Romney (R-Utah) criticized the silence from the White House during an interview on SiriusXM’s “The Big Picture with Olivier Knox.”
“A cyber hack of this nature is really the modern equivalent of almost Russian bombers reportedly flying undetected over the entire country,” Romney said. “In this setting, not to have the White House aggressively speaking out and protesting and taking punitive action is really, really quite extraordinary.”
Various committees have leapt into action since Reuters first disclosed the wide-ranging breach earlier this week, with the incoming leaders of the Senate Homeland Security and Governmental Affairs Committee announcing Friday that they would hold hearings on the breach next year.
The House Homeland Security and House Oversight and Reform Committees both received a classified briefing on the topic Friday, the day after the committees announced they were opening an investigation into the incident.
Members emerged disgruntled over a lack of information and action from the White House.
“I’m shocked,” House Oversight and Reform Committee Chairwoman Carolyn Maloney (D-N.Y.) told C-SPAN of Trump’s inaction. “I’m disappointed that he is not bringing the government together to respond to it to give information to the American people.”
House Homeland Security Committee Chairman Bennie Thompson (D-Miss.) cited the need for a cybersecurity coordinator at the White House, a position eliminated by former national security adviser John Bolton in 2018.
“It’s clear in this situation that person would be ideal for us to be talking to,” Thompson told C-SPAN.
A provision to reestablish the cyber czar position has been included in the 2021 National Defense Authorization Act (NDAA), a sweeping defense funding bill that both chambers approved by bipartisan majorities.
It includes a raft of other critical cybersecurity provisions, including provisions to strengthen CISA’s powers and national defense against cyberattacks.
Trump has said repeatedly he intends to veto the bill over other concerns. Republicans this week made clear that after the SolarWinds breach, the NDAA must be signed into law.
“One of the immediate steps the Administration can take to improve our cyber posture is signing the NDAA into law,” Senate Armed Services Committee Chairman James Inhofe (R-Okla.) and ranking member Jack Reed (D-R.I.) said in a joint statement on Thursday. “The NDAA is always ‘must-pass’ legislation – but this cyber incident makes it even more urgent that the bill become law without further delay.”
Republican leaders of the House Armed Services Committee, including current ranking member Mac Thornberry (R-Texas) and incoming ranking member Mike Rogers (R-Ala.), put out a statement Friday lauding the cyber provisions, describing them as providing “critical safeguards” for national security.
Sen. Susan Collins (R-Maine) added to the pressure, tweeting Friday that “The President should immediately sign the NDAA not only to keep our military strong but also because it contains significant cyber security provisions that would help thwart future attacks.”
Beyond the NDAA, Democrats on Friday blasted Trump for not immediately springing into action to address the breach.
“The president should be all over it, it should be his first, second, third concern, the whole government should be all over it,” Maloney said. “It’s deeply concerning, deeply distressing and a huge challenge for our country.”