US government blames Russia for SolarWinds hack

The accusation comes as SolarWinds faces legal action for failing to disclose vulnerabilities in a timely manner

Last month’s cyber attack on Solarwinds likely originated in Russia, according to a joint statement from four US intelligence agencies, including the FBI, CISA, ODNI, and the NSA.

The four agencies had been appointed by the White House National Security Council to investigate the SolarWinds attack under a joint task force named as the Cyber Unified Coordination Group (UCG).

The attack, which was confirmed in mid-December, saw hackers gain access to the networks of 18,000 SolarWinds public sector and business customers after they successfully compromised the company’s Orion security platform.

Although previously rumoured to have been orchestrated by Russian hackers, the statement marks the US government’s official accusation that the country is responsible for the attack.

The document states that the Advanced Persistent Threat (APT) actor behind the incident is “likely Russian in origin”.

President Donald Trump previously stated that the attack might have been orchestrated by the Chinese state and accused media outlets of being “petrified of discussing the possibility that it may be China”.

In a statement on Twitter last month, the president also downplayed the incident, claiming that “the Cyber Hack is far greater in the Fake News Media than in actuality”. 

“I have been fully briefed and everything is well under control,” he added.

It's also been revealed this week that Solarwinds is facing legal action after one of the company's investors filed a proposed class action filed on Monday. The lawsuit alleges that Solarwinds damaged shareholders by failing to disclose the vulnerabilities in a timely manner.

According to reports from earlier this week, the list of confirmed victims of the hack surpassed 250 US government agencies and businesses. Microsoft has also confirmed that the attackers accessed source code repositories as part of the hack, but didn’t alter the codebase at the heart of the firm’s core products and services.

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Recommended

What is cyber warfare?
Security

What is cyber warfare?

23 Mar 2021
HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021
Mastering endpoint security implementation
Security

Mastering endpoint security implementation

16 Apr 2021
US, UK say Russia was behind SolarWinds hack
cyber attacks

US, UK say Russia was behind SolarWinds hack

16 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
University of Hertfordshire's entire IT system offline after cyber attack
cyber attacks

University of Hertfordshire's entire IT system offline after cyber attack

15 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021