Russian spy chief rebuffs “pathetic” SolarWinds hack accusations

Sergei Naryshkin said the tactics of the attack were similar to those used by US and British intelligence agencies.

The head of the Russian Foreign Intelligence Service (SVR) has denied any involvement in last year’s SolarWinds cyber attack which saw hackers infiltrate the networks of hundreds of companies as well as nine US governmental agencies.

SVR director Sergei Naryshkin told the BBC that he is "flattered" by the accusations from US and UK authorities that claim  Moscow had orchestrated such a sophisticated hack, yet added that he could not "claim the creative achievements of others as his own".

"These claims are like a bad detective novel," he told the BBC's Moscow correspondent Steve Rosenberg, who asked Naryshkin about the SVR’s links to the hacking group known as APT29, Cozy Bear, or the Dukes, which have been accused of carrying out the cyber attack.

Naryshkin described “all these claims about cyber attacks, poisonings, hacks, interference in elections which are blamed on Russia” as “absurd, and in some cases so pathetic”. 

Instead, he suggested that the SolarWinds hack might have been orchestrated by the West, which could have used similar tactics to those exposed by former National Security Agency contractor Edward Snowden. He leaked documents detailing the US and UK intelligence services’ efforts to “insert secret vulnerabilities into commercial encryption software” with the help of ISP providers and tech companies.

Related Resource

NETSCOUT threat intelligence report

Cyber crime: Exploiting a pandemic

Threat intelligence report - whitepaper from NETSCOUTDownload now

“I don’t want to assert that this cyber attack was carried out by a US agency but the tactics are similar,” said Naryshkin, who also questioned the evidence obtained by the US and UK intelligence agencies that linked the attack to Moscow.

President Donald Trump previously stated that the SolarWinds hack might have been orchestrated by the Chinese state and accused media outlets of being “petrified of discussing the possibility that it may be China”. However, the FBI, CISA, ODNI, and the NSA claimed that the Advanced Persistent Threat (APT) actor behind the incident is “likely Russian in origin”.

The statement prompted Russia’s National Coordination Center for Computer Incidents (NKTSKI) to issue a warning to Russian businesses, claiming that the new Biden administration could carry out reprisal attacks on critical infrastructure. 

Last month, the UK’s National Cyber Security Centre (NCSC) confirmed the US’ suspicions, concluding that it was “highly likely the SVR was responsible for gaining unauthorised access to SolarWinds “Orion” software and subsequent targeting”.

The Foreign, Commonwealth and Development Office (FCDO) has also summoned the Russian Ambassador over the UK government’s “deep concern at a pattern of malign activity, including cyber intrusions”. To coincide with the UK government's statement, US president Joe Biden also announced new sanctions against Russia, targeting 32 entities and officials, as well as expelling 10 diplomats.

Featured Resources

Consumer choice and the payment experience

A software provider's guide to getting, growing, and keeping customers

Download now

Prevent fraud and phishing attacks with DMARC

How to use domain-based message authentication, reporting, and conformance for email security

Download now

Business in the new economy landscape

How we coped with 2020 and looking ahead to a brighter 2021

Download now

How to increase cyber resilience within your organisation

Cyber resilience for dummies

Download now

Recommended

What is cyber warfare?
Security

What is cyber warfare?

2 Jun 2021
Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
Splunk debuts a new suite of cloud security solutions
Security

Splunk debuts a new suite of cloud security solutions

22 Jun 2021

Most Popular

Best paying tech jobs of 2021
Careers & training

Best paying tech jobs of 2021

7 Jun 2021
Ten-year-old iOS 4 recreated as an iPhone app
iOS

Ten-year-old iOS 4 recreated as an iPhone app

10 Jun 2021
Mythic launches power-sipping AI chip
Hardware

Mythic launches power-sipping AI chip

8 Jun 2021