Last month’s cyber attack on Solarwinds likely originated in Russia, according to a joint statement from four US intelligence agencies, including the FBI, CISA, ODNI, and the NSA.
The four agencies had been appointed by the White House National Security Council to investigate the SolarWinds attack under a joint task force named as the Cyber Unified Coordination Group (UCG).
The attack, which was confirmed in mid-December, saw hackers gain access to the networks of 18,000 SolarWinds public sector and business customers after they successfully compromised the company’s Orion security platform.
Although previously rumoured to have been orchestrated by Russian hackers, the statement marks the US government’s official accusation that the country is responsible for the attack.
The document states that the Advanced Persistent Threat (APT) actor behind the incident is “likely Russian in origin”.
President Donald Trump previously stated that the attack might have been orchestrated by the Chinese state and accused media outlets of being “petrified of discussing the possibility that it may be China”.
In a statement on Twitter last month, the president also downplayed the incident, claiming that “the Cyber Hack is far greater in the Fake News Media than in actuality”.
“I have been fully briefed and everything is well under control,” he added.
It's also been revealed this week that Solarwinds is facing legal action after one of the company's investors filed a proposed class action filed on Monday. The lawsuit alleges that Solarwinds damaged shareholders by failing to disclose the vulnerabilities in a timely manner.
According to reports from earlier this week, the list of confirmed victims of the hack surpassed 250 US government agencies and businesses. Microsoft has also confirmed that the attackers accessed source code repositories as part of the hack, but didn’t alter the codebase at the heart of the firm’s core products and services.
