US government blames Russia for SolarWinds hack

The accusation comes as SolarWinds faces legal action for failing to disclose vulnerabilities in a timely manner

Last month’s cyber attack on Solarwinds likely originated in Russia, according to a joint statement from four US intelligence agencies, including the FBI, CISA, ODNI, and the NSA.

The four agencies had been appointed by the White House National Security Council to investigate the SolarWinds attack under a joint task force named as the Cyber Unified Coordination Group (UCG).

The attack, which was confirmed in mid-December, saw hackers gain access to the networks of 18,000 SolarWinds public sector and business customers after they successfully compromised the company’s Orion security platform.

Although previously rumoured to have been orchestrated by Russian hackers, the statement marks the US government’s official accusation that the country is responsible for the attack.

The document states that the Advanced Persistent Threat (APT) actor behind the incident is “likely Russian in origin”.

President Donald Trump previously stated that the attack might have been orchestrated by the Chinese state and accused media outlets of being “petrified of discussing the possibility that it may be China”.

In a statement on Twitter last month, the president also downplayed the incident, claiming that “the Cyber Hack is far greater in the Fake News Media than in actuality”. 

“I have been fully briefed and everything is well under control,” he added.

It's also been revealed this week that Solarwinds is facing legal action after one of the company's investors filed a proposed class action filed on Monday. The lawsuit alleges that Solarwinds damaged shareholders by failing to disclose the vulnerabilities in a timely manner.

According to reports from earlier this week, the list of confirmed victims of the hack surpassed 250 US government agencies and businesses. Microsoft has also confirmed that the attackers accessed source code repositories as part of the hack, but didn’t alter the codebase at the heart of the firm’s core products and services.

Featured Resources

The definitive guide to warehouse efficiency

Get your free guide to creating efficiencies in the warehouse

Free download

The total economic impact™ of Datto

Cost savings and business benefits of using Datto Integrated Solutions

Download now

Three-step guide to modern customer experience

Support the critical role CX plays in your business

Free download

Ransomware report

The global state of the channel

Download now

Recommended

What is a web filter?
cyber security

What is a web filter?

24 Sep 2021
100 million IoT devices affected by zero-day flaw
Internet of Things (IoT)

100 million IoT devices affected by zero-day flaw

24 Sep 2021
Malware developers create malformed code signatures to avoid detection
malware

Malware developers create malformed code signatures to avoid detection

24 Sep 2021
HP Wolf Security: Threat insights report
Whitepaper

HP Wolf Security: Threat insights report

24 Sep 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

17 Sep 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

17 Sep 2021