Transcript for 'All indications point to Russia' being behind cyberattack: Sen. Mark Warner
Now to that massive cyber attack targeting the government's top agencies. Dozes of networks breached including treasury, state and home land skurpt security and the department of energy. While president trump down plays the event, his secretary of state Mike Pompeo called out the Russians. Pierre Thomas has thter: The president suggested China might be involved putting him at odds with secretary of state Mike Pompeo who confirmed the Russians are the prime suspect. Then you have Marco Rubio saying it's increasingly clear that Russian intelligence created the greatest cyber intrusion in our George, I've been covering cyber attacks for more than 20 years and have never seen anything like this. We're talking not just one agency, but departments across the entire federal government. The Russians are expected of spying on the emails of U.S. Government officials and those in private companies. There's deep concern it's ongoing and the Russians may have the capacity to manipulate and damage computer networks. It's all made worse by the fact that this breach was launched in March and went undetected for months. We don't even know what we don't know right now. How could something so sweeping like this happen? Reporter: There's a company called solar winds that makes software products that monitor traffic on computer networks. This product is used by multiple government agencies and many fortune 500 companies. It's a serious situation. There's a bunch of questions. How did so many government agencies allow themselves to be dependent on one company's product and why were there so many security requirements that were not apparently followed? Pierre, thanks very much. Let's get more on this from senator mark Werner. Thanks for joining us this morning. We saw president trump downplay the attack yesterday saying it's all under control that China, not Russia may be behind it. Any doubt it was the Russians? I would echo what secretary Pompeo said and Marco Rubio has said. All indications point to Russia. Fire eye, one of the nation's top cyber security companies who got hacked, they also indicted Russia. Thank goodness fire eye came forward. If they had not, we might not have been able to discover the this attack shows when a nation state brings their best tools to the table, it's very tough for any government agency or company for that matter to keep them out. I think this raises a whole host of questions of how did they get in, stay so long, how do we make sure our government agency CISA that's supposed to oversee cyber security, there's not even a requirement that private companies or even public agencies have to affirmatively report that kind of attack or intrusion to CISA. We need to look at a new set of rules and find ways to align with our allies to prevent this kind of activity from going forward. Is this under control now or is it still ongoing? This attack, you mentioned solar winds, 18,000 customers, ubiquitous across industry and government, we have narrowed this to companies and agencies that we know the bad guys got in, but they got in and were in for a long time. They're very deep. It may be ongoing. We've not discovered how we'll ferret them fully out. We need to realize when you get into a supply chain, any product, you can go from one company into another into another and ultimately get down to some of our most important innovation tools being discovered by our adversaries. This is extraordinary serious. When the president of the united States tries to dear not willing to call out the adversary as we make that attribution he is not making our country safer. We know this has been going on since at least March. Are we confident our systems weren't breached before that? What is the goal of this operation? Is it theft and destruction of data or actual intelligence collection? So far the good news is it appears that only the nonclassified networks have been breached. There's no indication yet that classified networks have been breached, number one. Number two, the amount of information and the targeting of companies shows a very, very sophisticated actor. This is classic obtaining information, critical information, potentially intellectual product. I mentioned fire eye. They stole from fire eye. They revealed their red team tactics of how they would counter a cyber intrusion. The adversary very probably as the secryry of state said, Russia, came away with a big we're still determining how extensive this attack will be. It will take weeks to continue to ferret this out and then potentially months to remediate. Senator Mitt Romney called it the modern equivalent of Russian bombers flying undetected over our entire country. Is it an act of war? If so, how should we retaliate? I'm not sure I agree with senator Romney's analogy. This is a very sophisticated attempt to take key information, key information, potentially the ability to frankly intimidate actual individuals in government, as well as intellectual property. It begs the fact that we don't have a set of cyber norms. I think we disproportionately spend on tanks, ships and guns when we should be better otecting on cyber. I think, not only America, but our partners, nato and others because there are international impacts on this as well, with an affirmative cyber doctrine that says you do this type of attack, you will bear the consequences. We don't have those kind of norms out there. We knew back in the 20th century when there were -- when you crossed the line militarily, we'll strike back. There was mutually assured construction with nuclear weapons. This is not the level of attack that Russia took on Ukraine where they were trying to shut down systems. This is in that gray area between espionage and attacks. The only way we can counter it better cyber hygiene, better protocols on how information must be shared if you're attacked, and then making clear to our adversaries if you take this action, we'll strike back. What do you say to people that say this is exactly what America does all the time? We spy on foreign systems. We do hacks. The level of attack like secretary pom said by a potentially Russian spy agency is as broad and deep as we've ever seen. The idea that goes unanswere would be bad American policy and frankly invite Russians or others to continue these malicious activities. Before I let you go, is this covid relief bill going to come together today and is it something you can live with? I was with senator Schumer last night in his office until about 11:00. I was glad to see that senator Toomey accepted senator Schumer's offer on a compromise. We will preclude three of these facilities of being set up again without congressional approval, which was already the law. We did not think tying the hands of a future fed or treasury made any sense. Great news is congress will not be the grinch. We'll get this package done. I'm very proud in many ways this package only came about because a bipartisan group of senators, who spent a month working hard showing the American people we can do things when we have an amazing folks who run out of unemployment the day after Christmas, or get kicked out of their apartments or their long lines at the food banks, help is on the way.
This transcript has been automatically generated and may not be 100% accurate.