IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Russian spy chief rebuffs “pathetic” SolarWinds hack accusations

Sergei Naryshkin said the tactics of the attack were similar to those used by US and British intelligence agencies.

The head of the Russian Foreign Intelligence Service (SVR) has denied any involvement in last year’s SolarWinds cyber attack which saw hackers infiltrate the networks of hundreds of companies as well as nine US governmental agencies.

SVR director Sergei Naryshkin told the BBC that he is "flattered" by the accusations from US and UK authorities that claim  Moscow had orchestrated such a sophisticated hack, yet added that he could not "claim the creative achievements of others as his own".

"These claims are like a bad detective novel," he told the BBC's Moscow correspondent Steve Rosenberg, who asked Naryshkin about the SVR’s links to the hacking group known as APT29, Cozy Bear, or the Dukes, which have been accused of carrying out the cyber attack.

Naryshkin described “all these claims about cyber attacks, poisonings, hacks, interference in elections which are blamed on Russia” as “absurd, and in some cases so pathetic”. 

Instead, he suggested that the SolarWinds hack might have been orchestrated by the West, which could have used similar tactics to those exposed by former National Security Agency contractor Edward Snowden. He leaked documents detailing the US and UK intelligence services’ efforts to “insert secret vulnerabilities into commercial encryption software” with the help of ISP providers and tech companies.

Related Resource

NETSCOUT threat intelligence report

Cyber crime: Exploiting a pandemic

Threat intelligence report - whitepaper from NETSCOUTDownload now

“I don’t want to assert that this cyber attack was carried out by a US agency but the tactics are similar,” said Naryshkin, who also questioned the evidence obtained by the US and UK intelligence agencies that linked the attack to Moscow.

President Donald Trump previously stated that the SolarWinds hack might have been orchestrated by the Chinese state and accused media outlets of being “petrified of discussing the possibility that it may be China”. However, the FBI, CISA, ODNI, and the NSA claimed that the Advanced Persistent Threat (APT) actor behind the incident is “likely Russian in origin”.

The statement prompted Russia’s National Coordination Center for Computer Incidents (NKTSKI) to issue a warning to Russian businesses, claiming that the new Biden administration could carry out reprisal attacks on critical infrastructure. 

Last month, the UK’s National Cyber Security Centre (NCSC) confirmed the US’ suspicions, concluding that it was “highly likely the SVR was responsible for gaining unauthorised access to SolarWinds “Orion” software and subsequent targeting”.

The Foreign, Commonwealth and Development Office (FCDO) has also summoned the Russian Ambassador over the UK government’s “deep concern at a pattern of malign activity, including cyber intrusions”. To coincide with the UK government's statement, US president Joe Biden also announced new sanctions against Russia, targeting 32 entities and officials, as well as expelling 10 diplomats.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Best free malware removal tools 2022
Security

Best free malware removal tools 2022

22 Jun 2022
A guide to cyber security certification and training
Careers & training

A guide to cyber security certification and training

16 Jun 2022
What is shoulder surfing?
social engineering

What is shoulder surfing?

10 Jun 2022
CIAM buyer’s guide
Whitepaper

CIAM buyer’s guide

6 Jun 2022

Most Popular

The UK's best cities for tech workers in 2022
Business strategy

The UK's best cities for tech workers in 2022

24 Jun 2022
LockBit 2.0 ransomware disguised as PDFs distributed in email attacks
Security

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022
Salaries for the least popular programming languages surge as much as 44%
Development

Salaries for the least popular programming languages surge as much as 44%

23 Jun 2022