US intelligence and law enforcement agencies said on Tuesday that Russia may be behind the large-scale SolarWinds hack, which has shaken the security of the government and businesses. This contradicts President Donald Trump, who has suggested that China might Is the culprit.
A joint statement from the FBI, the National Intelligence Agency, the National Security Agency, and the Cybersecurity and Infrastructure Security Agency outlines their findings, which have been cited by experts as the most disruptive breakthrough in US computer security in years.
Their investigation “shows that the Advanced Persistent Threat (APT) actors that may have come from Russia were recently discovered by government and non-government networks, and are responsible for most or all of the ongoing cyber harm.”
Trump, who has steadfastly avoided criticizing Moscow for four years, refused to blame Russia in the hacking case.
He wrote in a December tweet about the hack: “Russia, Russia, and Russia are the priority tributes when anything happens, and added, “Since it is mainly for financial reasons, the media’s discussion may be China ( It may be China!) Feel uneasy. . “
Internet hackers in fake news media are much more serious than they actually are. I have been fully informed and everything is under control. Russia, Russia, Russia are the preferred choices for anything that happens, because Lamestream is rigid mainly for financial reasons….
-Donald·J·Trump (@realDonaldTrump) December 19, 2020
Both Secretary of State Mike Pompeo and then Attorney General Bill Barr pointed out that Moscow was the culprit.
According to CISA, the focus of the hacker attack was the Orion security software produced by the US company SolarWinds, which was widely found on computers in governments and private sectors around the world.
The statement said that approximately 18,000 public and private customers of SolarWinds will be vulnerable to hacker attacks.
But it said that of this number, “a very small portion was damaged by the follow-up activities of the system.”
The statement said that so far, investigators have found that the systems of less than ten US government agencies have been compromised.
The statement did not specify which institution. But some people recognize them as targets, including the State Department, the Department of Commerce, the Department of Finance, the Department of Homeland Security, the Department of Defense, and the National Institutes of Health.
Private security consultants revealed that the invasion began at the beginning of this year and was not made public until December.
It raises concerns that the people behind may have been able to access highly classified government secrets.
The three agencies stated that they believe that this type of hacker “was and has been an intelligence gathering job” rather than a job to steal company secrets or disrupt IT systems.
They said: “This is a serious compromise and requires continuous remedies.”
The wording in the attribution was “probably” a violation of the Russians, which was criticized by a senior congressman who had been notified by the US intelligence agency in December.
Senator Mark Warner, deputy chairman of the Senate Intelligence Committee, said: “Unfortunately, it has taken more than three weeks after the incident was revealed. For this administration, this is a final preliminary attribution.”
He said: “I hope we will start to see something more certain.”
“We need to make it clear to Russia that any abuse of a victim network to produce destructive or harmful effects is unacceptable and will cause an appropriate and powerful response.”
What is the most exciting technology conference in 2021? We discussed on the weekly technical podcast Orbital, you can subscribe via Apple Podcast, Google Podcast or RSS, download the episode, or click the play button below.