2 min read

White House Blames Russian Foreign Intelligence for SolarWinds, Imposes Sanctions on Rival Nation

Filip TRUȚĂ

April 16, 2021

White House Blames Russian Foreign Intelligence for SolarWinds, Imposes Sanctions on Rival Nation

The Biden administration this week has issued a statement blaming the Russian government for the SolarWinds supply chain attack, imposing costs on the rival nation for its actions.

A lengthy press release from the White House issued April 15 points the finger at Russian intelligence for several actions against U.S. sovereignty and U.S. partners. Chief among them: the large-scale supply chain attack leveraging the SolarWinds Orion platform affecting tens of thousands of entities across the United States and other parts of the world.

“Today the United States is formally naming the Russian Foreign Intelligence Service (SVR), also known as APT 29, Cozy Bear, and The Dukes, as the perpetrator of the broad-scope cyber espionage campaign that exploited the SolarWinds Orion platform and other information technology infrastructures,” the White House states. “The U.S. Intelligence Community has high confidence in its assessment of attribution to the SVR.”

“The SVR”s compromise of the SolarWinds software supply chain gave it the ability to spy on or potentially disrupt more than 16,000 computer systems worldwide,” the statement continues. “The scope of this compromise is a national security and public safety concern. Moreover, it places an undue burden on the mostly private sector victims who must bear the unusually high cost of mitigating this incident.”

The National Security Agency (NSA), the Cybersecurity & Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) have also issued a joint cybersecurity advisory that provides details on software vulnerabilities the SVR allegedly uses to gain access to victim devices and networks. The advisory tells IT administrators what steps to take to identify and defend against the alleged malicious cyber activity.

In light of these developments (and other accusations listed in the press release), the Biden administration advises organizations – albeit indirectly – to consider opting out of information and communications technology and services (ICTS) supplied by Russia:

“Additionally, the SVR”s compromise of SolarWinds and other companies highlights the risks posed by Russia”s efforts to target companies worldwide through supply chain exploitation,” it states. “Those efforts should serve as a warning about the risks of using information and communications technology and services (ICTS) supplied by companies that operate or store user data in Russia or rely on software development or remote technical support by personnel in Russia.  The U.S. government is evaluating whether to take action under Executive Order 13873 to better protect our ICTS supply chain from further exploitation by Russia.”

The White House also announced plans to promote a framework of responsible state behavior in cyberspace and cooperation with allies and partners to counter malign cyber activities. The Department of Defense is also taking steps to incorporate additional allies, including the UK, France, Denmark and Estonia, into the planning for CYBER FLAG 21-1 – an exercise designed to improve defensive capabilities and resiliency in cyberspace.

tags


Author



Right now

Top posts

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Supply Chain Attack Detected in PyPI Library Supply Chain Attack Detected in PyPI Library
Silviu STAHIE

August 02, 2021

1 min read
Scam baiter Jim Browning bamboozled by scammers into deleting his own YouTube channel Scam baiter Jim Browning bamboozled by scammers into deleting his own YouTube channel
Filip TRUȚĂ

August 02, 2021

3 min read
Instagram influencer Hushpuppi admits his part in scams that stole more than $24 million Instagram influencer Hushpuppi admits his part in scams that stole more than $24 million
Graham CLULEY

July 30, 2021

2 min read