Security council. As the New York Times reported at the time, quote, the elimination of the Cyber Security role is likely to increase concern of the Trump Administration shorthanded and unprepared to deal with increasing Cyber Security threats. Last night senator blumenthal said on this show the russian cyber attack made him both alarmed and scared. He could not fully elaborate because the information was classified but tonight we have a better understanding of why that might be. Politico reporting the Energy Department and National Nuclear security administration, which maintains the u. S. Nuclear weapon stockpile have evidence that hackers accessed their networks as part of an extensive espionage operation. The Energy Department since released a statement saying at this point, the investigation has found that the malware has been isolated to Business Networks only and has not impacted the mission of National Security functions of the department, including the National Nuclear security administration. Now, right now we dont know what the hackers did, if anything, inside the network of the agency that maintains our Nuclear Weapons. The idea that our Nuclear Weapons are not completely secure would be profoundly disturbing. In an oped for the New York Times, President Trumps former Homeland Security adviser tom bossert explained why the russians dont even need to do much to cause chaos. Quote, the actual and perceived control of so many Important Networks could easily be used to undermine public and Consumer Trust in data, written communications and services. The networks that the russians control, they have the power to destroy or alter data and impersonate legitimate people. Tensions could escalate quite easily, both hallmarks of russian behavior. This cyber attack was so pervasive, its not just the u. S. Government impacted. New york times reported microsoft has identified 40 companies that suspected Russian Hackers stole data from. Nearly half are private technology firms. Microsoft said, many of them Cyber Security firms like fireeye that are charged with securing vast sections of the public and private sector. Nicole perilroff covers Cyber Security for the New York Times. She has been covering this story through this developing Cyber Security crisis. Nicole, youve been reporting i know all day on this. Whats the sort of latest where we are on this . The latest is what microsoft said tonight. They came out tonight and said so far they have identified 40 victims. Whats interesting about victimology here is that like they said, nearly half are i. T. Companies, like solar winds, which we know was used as a conduit to get into some of these federal agencies. Fisa also came out saying they believe solar winds was not the only end road into these systems. Were looking at hack that is not just ongoing, its not just highly sophisticated but also we cannot trust the supply chain. We can no longer trust that any Third Party Application in these systems has not been compromised by russia. So far, microsoft said they identified 40 victims. They said its early days. They expect that number to rise. Already what we know is that the list of victims is highly concerning. As you mentioned, were looking at sections of the department of energy. We already reported at the times that Los Alamos National labs had been one of the agencies hit that oversees the nations Nuclear Weapons stockpile. Commerce, treasury, parts of the pentagon, but the list keeps getting greater, and we expect that actually the next couple of victims that will identify probably will likely be Major Technology companies. Theres a bunch of things to process here. One is this wasnt, if we say it was a hack of the u. S. Government, thats too specific. It appears to be a broad hack of all kinds of entities. Big private firms including Software Security firms, big private enterprises, fortune 500 companies, think tanks, the government. The thing that really struck me in that tom bossert oped was him just making a point that look, they were in there for eight months without anyone knowing. Thats a lot of time for a lot of very sophisticated operatives to put a bunch of different trap doors in that arent going to be found. Thats right. We know from fireeye they have already found several back doors they planted once they were inside. And i think its everyone says its still very early. They expect to find more back doors. Its going to be very hard for victims that are not technologically sophisticated to find all of them. They expect the investigation alone could take months, if not years. Theres going to be a very long tail to this. Now the only quibble i have with tom bosserts oped in the times last night, he made the point that it could be used for destruction of data, to shut down systems. If theres any Silver Lining to this and there really arent many, the group we think is behind this, the svr, they are more quiet prowlers than other units of the russian intelligence service. This is another group. This is the group that goes in and they are designed to steal data for traditional espionage but theyre doing it in such a way they are making us question the vulnerability of our entire supply chain which really makes this a hack of its own. One of the Strange Parts of the story is just theres been so much silence from officials in the federal government about this. Thats been changing over the few days. I want to read this section but get a sense from you about whats changed and how much it is. Federal officials issued warning on thursday who they believe they were working for the kremlin. Used a far wider variety of tools than previously known to penetrate Government Systems, said it was a grave risk to the federal government. Youre starting to get public language from the federal government that echoes the level of seriousness or reporting suggesting but it still seems like we havent had any kind of big address about this from anyone at the top levels. Thats right. Its a mess. Its a complete mess. Were caught completely flat footed about this thing. The president has yet to speak to it at all. Sisa, as you mentioned, put out that alert today. But they were noticeably quiet when this first came out beyond issuing an emergency directive for people to unplug the solar wind system that was compromised. Were hearing from microsoft today that the agencies are coming to microsoft to find out if other agencies are compromised. The private sector are leading the notification of federal agencies. Telling them they were compromised in this. That feels very backwards. We have been talking about information sharing. The government has asked for better information sharing but there is noticeable lack of flow coming from federal agencies right now. Really were just relying on most of these private sector reports. Incredible story unfolding before us. Youve been doing great reporting on this. Thank you for joining us tonight. Thanks for having me, chris. Good to be with you. Few people in the u. S. Know as much about russian intelligence capabilities as former cia director john brennan. Im glad to have him with me on the show now. Here is my question and its a question you may or may not be able to answer. It seems like the most important one. We know that the u. S. And russia and china and all kinds of different world powers have intelligence capables, surveillance capabilities. You see a story about a russian mole or intelligence asset was caught in the u. S. , we know that the u. S. Is doing that in russia as well as all sorts of countries are trying to spy on each other. Im having a hard time figuring out where in the spectrum this is in terms of routine or just really off the charts. Well, it appears this is the work of the russian svr. As nicole said, which is basically the rough equivalent of the cia. They are the Russian Group that collects intelligence against foreign targets and their primary foreign target is the u. S. Government and u. S. Hightech firms. This is very, very damaging breach of those systems and networks that if youre able penetrate them you have access to troves of information. Of great intelligence value to russia. This seems creative and unfortunately very successful attack given the scope, since it went after so many Government Departments and agencies as well as private firms. But as it was pointed out, the duration that they have been in those network, and then the ability to extract information, apparently out of it and defeat the einstein sensor system, which is designed to detect the extraction of information to different ip addresses that could in fact be those mechanisms that the russians used to get information out. As nicole said, this is intelligence collection activity but i wouldnt take great comfort in just thinking that the svr, which is traditionally intelligence Collection Agency will not be potentially used to deploy malware that could lie silent for a while that could have disabling and destructive capabilities that the russians could decide to activate at certain times. Now also i should point out, though, it does seem as though this is the Unclassified Networks that are very, very important and contain very sensitive information. But the very sensitive and Mission Critical networks are classified networks in the Intelligence Community and in the National Nuclear security agency. If theyre able to infect these Business Networks, and the cancer is metastasizing throughout the systems, there are things that could be done to disable all of those support systems that go into supporting critical missions. You know, responses back to sort of the framework of intelligence or counterintelligence. At a certain level, intelligence agencies will have ways in which they counter each other. Then intelligence crisis can rise to the level of dip diplomatic, Foreign Policy, and sometimes military issues. It seems theres some response that has to happen above just Cyber Defense in terms of how this is broached as a Foreign Policy matter. What do you think . Well, yeah. I think the first and foremost the u. S. Government needs to understand exactly what has happened and tried to then prevent further damage from taking place. It seems as though they are still uncovering the various places and networks where the russians apparently were able to access. That is the primary responsibility of the Cyber Security professionals and also in the hightech. As nicole pointed out, there are supply chain issues that are quiet complex and complicated that defy easy solutions. As far as dealing with russia, we can decide to sanction individuals within the svr who have been identified as behind this very, unfortunately, sft successful breach of our systems. We done that with chinese and others. Theres been breaches of Government Systems before. The very large breach of the opm systems and networks that gave china a treasure trove of information. This, again, a feature of this digital environment that rides on the worldwide web that very, very ingenious and creative cyber actors can exploit to access these networks and pull out information or, again, potentially disable and destruct networks that can have a very, very grave and damaging impact on our National Security. Theres sort of a striking symmetry. Obviously 2016 was a year there was a cyber attack on the u. S. Election. And that went beyond just extrax traction of information, right . It was actually used in a very explicit way to interfere in the election, to sabotage one campaign over the other. The president never acknowledging that, really. Making excuses for it. Back in 2017 he talked about how he and putin discussed forming a impenetrable Cyber Security unit. He said hacking and many other negative things will be guarded. Which i dont think happened. I want to play what senator mitt romney said today who issued a strong statement about the absence of any response from the administration. Take a listen. National security is extraordinarily vulnerable. In this setting not to have the white house aggressively speaking out and protesting and taking punitive action is really quite extraordinary. What do you think of that . Any other president would have made this his or her first, second and third priority at the first instance of being aware of the magnitude of this breach. But unfortunately we have donald trump, who cons to push out this theory of fraudulent election and ignoring a very, very serious and damaging attack, basically, against our systems that, again, have given apparently the russians free access to so much critically Important Information that we rely on for our National Security. So the Biden Administration is going to now have one more very, very messy issue that it needs to address from day one. The fact that donald trump does not address this, its not shocking or surprising at all but it is unconscionable. It is disgraceful, and it is something again putting the United States at greater risk visavis our adversaries. All right. John brennan, thank you so much for joining us tonight. Thanks, chris. Tonight were one step closer to a second coronavirus vaccine, but all this only works if people can get the vaccine, and they are willing to take it. Nbc reporter on the growing Vaccine Campaign targeting local media, after this. Our doctor about Treatment Options is key. Today, we are redefining how we do things. We find new ways of speaking, so youre never out of touch. Its seeing someones face that comforts us, no matter where. When those around us know us, they can show us just how much they care. The first steps of checking in, the smallest moments can end up being everything. Theres resources that can inform us, and that spark can make a difference. When we use it to improve things, then that change can last within us. When we understand whats possible, we wont settle for less. The best thing we can be is striving to be at our best. Managing Heart Failure starts now with understanding. Call today or go online to understandheartfailure. Com for a free Heart Failure handbook. My hands are everything to me. But i was diagnosed with dupuytrens contracture. And it got to the point where things i took for granted got tougher to do. Thought surgery was my only option. Turns out i was wrong. So when a hand specialist told me about nonsurgical treatments, it was a total game changer. Like you, my hands have a lot more to do. Learn more at factsonhand. Com today. The path is now clear for the second coronavirus vaccine. An Advisory Panel to the food and Drug Administration just hours ago voting 200, one abstention, to recommend and emergency use authorization be issued for the moderna vaccine. That comes on the heels of Pfizer Vaccines approval for emergency use just last week. Both vaccines use this incredible new rna technology. We should do a segment on that at some point. Both have shown high rates and 95 for pfizer. Thats all great news. And one of the key differences is that the moderna vaccine, the one that was approved today, does not have to be stored at those crazily ultra cold temperatures that require special idesed freezers like the pfizer one does. And that, of course, will make distribution significantly easier. Again, all of this is great news. The fda is expected to give its final approval to moderna tomorrow. And a la the pfizer vaccine, the doses will begin shipping out across the country immediately because we already have them ready and willing to go. The Development Time line is one and the success is one of the greatest scientific breakthroughs in recent memory. Its just absolutely must needed hope for all of us. A bright spot at the end of this extremely dark year. The thing is the vaccine by itself existing will not bring an end to the pandemic, right . Even this breakthrough cant save us from bad government or bad institutions. In the fight against the virus, were going to need everything working together. We have watched the Trump Administrations utter disregard for nine months and during their utter reckless disregard the scientist race to get us these vaccines in record time. They did their job. Now we need all parts of American Society from the media, social media to government to do their jobs to get us out of this. All the things that on our governing structure, right, that have not worked, all the parts of the response that have failed, the lack of coordination to federal government, local governments,