Russian spy chief rebuffs “pathetic” SolarWinds hack accusations
Sergei Naryshkin said the tactics of the attack were similar to those used by US and British intelligence agencies.
The head of the Russian Foreign Intelligence Service (SVR) has denied any involvement in last year’s SolarWinds cyber attack which saw hackers infiltrate the networks of hundreds of companies as well as nine US governmental agencies.
SVR director Sergei Naryshkin told the BBC that he is "flattered" by the accusations from US and UK authorities that claim Moscow had orchestrated such a sophisticated hack, yet added that he could not "claim the creative achievements of others as his own".
"These claims are like a bad detective novel," he told the BBC's Moscow correspondent Steve Rosenberg, who asked Naryshkin about the SVR’s links to the hacking group known as APT29, Cozy Bear, or the Dukes, which have been accused of carrying out the cyber attack.
Instead, he suggested that the SolarWinds hack might have been orchestrated by the West, which could have used similar tactics to those exposed by former National Security Agency contractor Edward Snowden. He leaked documents detailing the US and UK intelligence services’ efforts to “insert secret vulnerabilities into commercial encryption software” with the help of ISP providers and tech companies.
NETSCOUT threat intelligence report
Cyber crime: Exploiting a pandemicDownload now
“I don’t want to assert that this cyber attack was carried out by a US agency but the tactics are similar,” said Naryshkin, who also questioned the evidence obtained by the US and UK intelligence agencies that linked the attack to Moscow.
President Donald Trump previously stated that the SolarWinds hack might have been orchestrated by the Chinese state and accused media outlets of being “petrified of discussing the possibility that it may be China”. However, the FBI, CISA, ODNI, and the NSA claimed that the Advanced Persistent Threat (APT) actor behind the incident is “likely Russian in origin”.
The statement prompted Russia’s National Coordination Center for Computer Incidents (NKTSKI) to issue a warning to Russian businesses, claiming that the new Biden administration could carry out reprisal attacks on critical infrastructure.
Last month, the UK’s National Cyber Security Centre (NCSC) confirmed the US’ suspicions, concluding that it was “highly likely the SVR was responsible for gaining unauthorised access to SolarWinds “Orion” software and subsequent targeting”.
The Foreign, Commonwealth and Development Office (FCDO) has also summoned the Russian Ambassador over the UK government’s “deep concern at a pattern of malign activity, including cyber intrusions”. To coincide with the UK government's statement, US president Joe Biden also announced new sanctions against Russia, targeting 32 entities and officials, as well as expelling 10 diplomats.
How to choose an AI vendor
Five key things to look for in an AI vendorDownload now
The UK 2020 Databerg report
Cloud adoption trends in the UK and recommendations for cloud migrationDownload now
2021 state of email security report: Ransomware on the rise
Securing the enterprise in the COVID worldDownload now
The impact of AWS in the UK
How AWS is powering Britain's fastest-growing companiesDownload now