- By singling out Russia, Barr joined Secretary of State Mike Pompeo and the rest of the national security establishment but contradicted Trump.
- Trump downplayed the seriousness of the attack and suggested without any evidence that China, not Russia, might be to blame.
WASHINGTON — Outgoing Attorney General William Barr said Monday that the massive SolarWinds hack of U.S. government agencies "certainly appears to be" the work of Russia, contradicting President Donald Trump.
By singling out Russia as the likely perpetrator of the cyberattack, Barr sided with Secretary of State Mike Pompeo and the rest of the national security establishment but contradicted the president.
Barr made the remarks during an impromptu press conference, just two days before he is scheduled to leave his job.
After several days of silence about the sweeping breach of government and private-sector networks, Trump downplayed the seriousness of the attack in a pair of tweets over the weekend. He suggested without any evidence that China, and not Russia, might be to blame.
"The Cyber Hack is far greater in the Fake News Media than in actuality," Trump wrote. "I have been fully briefed and everything is well under control. Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!)."
Trump also suggested without evidence that the hack could have impacted voting software in November's presidential election. This was the latest in a series of increasingly far-fetched conspiracy theories the president has floated in his refusal to accept that he lost the Nov. 3 election.
Pompeo's first public comments about the attack came during a Friday night radio interview on "The Mark Levin Show."
"This was a very significant effort, and I think it's the case that now we can say pretty clearly that it was the Russians that engaged in this activity," said Pompeo.
Several news outlets have also reported that White House officials prepared a public statement late last week on the cyberattacks, which placed responsibility for the hack squarely on Russia. But at the last minute, they were prohibited from releasing it.
More than a week after the initial breach was reported, both U.S. government agencies and private-sector companies targeted in the attack are still working to develop a full picture of the extent of the breach and the potential damage to U.S. cyber infrastructure and critical information systems.
The initial investigation suggests the breach was carried out via malicious code hidden in a software update from the widely used IT management company SolarWinds. Russia has denied any involvement in the attack.
The three lead agencies responsible for investigating the attack and protecting the nation from cyberthreats — the FBI, the Cybersecurity and Infrastructure Security Agency, or CISA, and the Office of the Director of National Intelligence — announced last week that they had formed a joint command to respond to what they called "a significant and ongoing cybersecurity campaign" against the United States.
Trump's refusal to acknowledge either the full extent of the attack or its likely perpetrators fits his pattern over the past four years of downplaying Russia's malicious actions around the world.
As part of that pattern, Trump has ignored and dismissed U.S. intelligence assessments of Russia's culpability in several major operations, most notably the 2016 cyberattacks and disinformation campaign that damaged Trump's then opponent, Hillary Clinton.