How Choosing the Right Printer Helps Small Businesses and Content Creators to Save Time, Maximise Productivity and Achieve GrowthRead more The United States Contributes USD $223 Million to Help World Food Programme (WFP) Save Lives and Stave Off Severe Hunger in South SudanRead more Eritrea: World Breastfeeding WeekRead more Eritrean community festival in Scandinavian countriesRead more IOM: Uptick in Migrants Heading Home as World Rebounds from COVID-19Read more Network International & Infobip to offer WhatsApp for Business Banking Services to Financial Institution Clients across AfricaRead more Ambassador Jacobson Visits Gondar in the Amhara Region to Show Continued U.S. Support for the Humanitarian and Development Needs of EthiopiansRead more Voluntary Repatriation of Refugees from Angola to DR Congo ResumesRead more Senegal and Mauritania Are Rich in Resources, Poor in Infrastructure, Now Is the Time to Change That Read more Madinat Jumeirah: Dubai’s Stunning Four Hotel Beach Resort Offers Unirvalled Benefits for Summer StaycationsRead more

Russia ‘likely’ behind SolarWinds hack: US intelligence

show caption
The US Treasury department is one of those which says it fell victim to the hack./AFP
Print Friendly and PDF

Jan 06, 2021 - 06:26 AM

WASHINGTON — US intelligence and law enforcement agencies said Tuesday that Russia was probably behind the massive SolarWinds hack that has shaken government and corporate security, contradicting President Donald Trump, who had suggested China could be to blame.

A joint statement by the FBI, Directorate of National Intelligence, the National Security Agency and Cybersecurity and Infrastructure Security Agency outlined their findings in what experts have called the most devastating break in US computer security in years.

Their investigation “indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks,” they said.

Trump, who over four years has steadfastly avoided criticizing Moscow, has refused to finger Russia in the hacking case.

“Russia, Russia, Russia is the priority chant when anything happens,” he tweeted about the hack in December, adding that the media were, “for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!).”

Both Secretary of State Mike Pompeo and then-Attorney General Bill Barr have also previously pointed to Moscow as the culprits.

According to CISA, the hack is focused on the Orion security software produced by the US firm SolarWinds, widely found in government and private sector computers across the globe.

Some 18,000 public and private customers of SolarWinds would be vulnerable to the hack, the statement said.

But it said that out of that number, “a much smaller number have been compromised by follow-on activity on their systems.”

So far investigators have found less than 10 US government agencies whose systems were compromised, the statement said.

The statement did not identify which agencies. But some have admitted they were targets, including the State Department, Commerce Department, Treasury, Homeland Security Department, Defense Department, and the National Institutes of Health.

The intrusion, which began earlier this year, only became public in December, revealed by private security consultants.

It sparked concerns that those behind it may have been able to access highly classified government secrets.

The three agencies said that they believe the hack “was, and continues to be, an intelligence gathering effort,” rather than an effort to steal corporate secrets or wreak damage on IT systems.

“This is a serious compromise that will require a sustained and dedicated effort to remediate,” they said.

The wording in the attribution, that it was “likely” a breach by Russians, came under fire from a senior lawmaker who had already been briefed by US intelligence in December on it.

“It’s unfortunate that it has taken over three weeks after the revelation of an intrusion this significant for this Administration to finally issue a tentative attribution,” said Senator Mark Warner, vice chairman of the Senate Intelligence committee.

“I would hope that we will begin to see something more definitive,” he said.

“We need to make clear to Russia that any misuse of compromised networks to produce destructive or harmful effects is unacceptable and will prompt an appropriately strong response.”

ZONNTECH.COM uses both Facebook and Disqus comment systems to make it easier for you to contribute. We encourage all readers to share their views on our articles and blog posts. All comments should be relevant to the topic. By posting, you agree to our Privacy Policy. We are committed to maintaining a lively but civil forum for discussion, so we ask you to avoid personal attacks, name-calling, foul language or other inappropriate behavior. Please keep your comments relevant and respectful. By leaving the ‘Post to Facebook’ box selected – when using Facebook comment system – your comment will be published to your Facebook profile in addition to the space below. If you encounter a comment that is abusive, click the “X” in the upper right corner of the Facebook comment box to report spam or abuse. You can also email us.