US government blames Russia for SolarWinds hack

The accusation comes as SolarWinds faces legal action for failing to disclose vulnerabilities in a timely manner

Sabina Weston's avatar
By
published
in News
The outline of the side profile of US president Donald Trump against the Russian flag
(Image credit: Shutterstock)

Last month’s cyber attack on Solarwinds likely originated in Russia, according to a joint statement from four US intelligence agencies, including the FBI, CISA, ODNI, and the NSA.

The four agencies had been appointed by the White House National Security Council to investigate the SolarWinds attack under a joint task force named as the Cyber Unified Coordination Group (UCG).

The attack, which was confirmed in mid-December, saw hackers gain access to the networks of 18,000 SolarWinds public sector and business customers after they successfully compromised the company’s Orion security platform.

Although previously rumoured to have been orchestrated by Russian hackers, the statement marks the US government’s official accusation that the country is responsible for the attack.

Latest Videos From

The document states that the Advanced Persistent Threat (APT) actor behind the incident is “likely Russian in origin”.

President Donald Trump previously stated that the attack might have been orchestrated by the Chinese state and accused media outlets of being “petrified of discussing the possibility that it may be China”.

In a statement on Twitter last month, the president also downplayed the incident, claiming that “the Cyber Hack is far greater in the Fake News Media than in actuality”.

“I have been fully briefed and everything is well under control,” he added.

It's also been revealed this week that Solarwinds is facing legal action after one of the company's investors filed a proposed class action filed on Monday. The lawsuit alleges that Solarwinds damaged shareholders by failing to disclose the vulnerabilities in a timely manner.

According to reports from earlier this week, the list of confirmed victims of the hack surpassed 250 US government agencies and businesses. Microsoft has also confirmed that the attackers accessed source code repositories as part of the hack, but didn’t alter the codebase at the heart of the firm’s core products and services.

Sabina Weston
Sabina Weston

Having only graduated from City University in 2019, Sabina has already demonstrated her abilities as a keen writer and effective journalist. Currently a content writer for Drapers, Sabina spent a number of years writing for ITPro, specialising in networking and telecommunications, as well as charting the efforts of technology companies to improve their inclusion and diversity strategies, a topic close to her heart.

Sabina has also held a number of editorial roles at Harper's Bazaar, Cube Collective, and HighClouds.

Latest