SolarWinds Cyber Attack Is Likely A Russian Origin Intelligence Gathering Effort

The SolarWinds supply chain attack that was detected in the previous month has now been officially blamed on the Russian government by the U.S. government, which on Tuesday attributed the planning and execution of the attack to it. A joint statement released by the FBI (Federal Bureau of Investigation), the CISA (Cybersecurity and Infrastructure Security Agency), the ODNI (Office of the Director of National Intelligence) and the NSA (National Security Agency) stated that “This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks. At this time, we believe this was and continues to be, an intelligence-gathering effort”.

Earlier, at the start of December, Russia had already denied any involvement in the SolarWinds cyberattack and said that it never runs offensive programs of any sort in the cyber domain. The Cyber Unified Coordination Group (UCG) is a recently established team consisting of the FBI, CISA, ODNI, and NSA, put together by the White House National Security Council to investigate and remediate the breach.

The intelligence agencies stated that they are working to understand the scope of the attack, and the campaign as a whole is being categorized as an “Intelligence Gathering Effort”. It is also believed that, of the 18,000 affected customers (who installed the malicious update), fewer than 10 government agencies were found to have further activity on their systems. The statement says: “The UCG believes that, of the approximately 18,000 affected public and private sector customers of SolarWinds’ Orion product, a much smaller number have been compromised by follow-on activity on their systems. We have so far identified fewer than ten U.S. government agencies that fall into this category, and are working to identify and notify the non-government entities who also may be impacted”.

The statement does not disclose which government agencies were affected, even though the U.S. Treasury, Department of Energy and Homeland Security, and many other departments and private companies had been named earlier. The joint statement also affirms earlier hypotheses that connected the espionage activity to APT29 (or Cozy Bear), a group of state-sponsored hackers associated with the Russian Foreign Intelligence Service (SVR).

The hacking effort was notable for its large scale and stealth, with the attackers using the trust associated with SolarWinds Orion software to spy on government agencies and other organizations for almost nine months, including viewing source code and taking security tools, by the time it was discovered.
