US Government Confirms Russian SVR Behind the SolarWinds Hack

Apr 17, 2021 | News

The United States government is formally accusing the Russian government of the SolarWinds supply-chain attack that gave hackers access to the network of multiple U.S. agencies and private tech sector companies.

In a brief announcing sanctions on Russia for actions against the U.S. interests, the White House is naming the Cozy Bear group of advanced hackers as the author of the cyber espionage activity exploiting the SolarWinds Orion platform.

The press release from the White House confirms past media reports citing unofficial sources that the Russian Foreign Intelligence Service, the SVR, was behind the SolarWinds hack.

In early January, the Cyber Unified Coordination Group (UCG) attributed the attack to a Russian-backed hacker group, without giving a specific name.

The White House officially blames the SVR for carrying out “the broad-scope cyber espionage campaign” through its hacking division commonly referred to as APT29, The Dukes, or Cozy Bear.

“The U.S. Intelligence Community has high confidence in its assessment of attribution to the SVR,” notes the brief from the White House.

By compromising the SolarWinds software supply chain, the SVR had access to more than 16,000 computers across the world. However, the campaign targeted only select targets, such as companies in the cybersecurity sector (FireEye, Malwarebytes, Mimecast) and state and federal agencies in the U.S.

“The scope of this compromise is a national security and public safety concern. Moreover, it places an undue burden on the mostly private sector victims who must bear the unusually high cost of mitigating this incident” – the U.S. White House

In a joint cybersecurity advisory, the U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) are warning about the top five vulnerabilities the SVR is exploiting in attacks against the U.S. interests.

Organizations should heed the warning and take the necessary steps to identify and defend against malicious activity conducted by the SVR.

Reference: https://www.bleepingcomputer.com/news/security/us-government-confirms-russian-svr-behind-the-solarwinds-hack/

← Previous Next →

Posts by Topic

Alerts (3)
Best practices (10)
Business (15)
Cloud (1)
IT Blog (9)
News (142)
Privacy (11)
Security (21)
Small Business (12)
Technology (18)
Tip of the Week (3)

Mobile? Grab this Article!

US Government Confirms Russian SVR Behind the SolarWinds Hack qr1c37a58e8f6ec22f103ff2c4c2c02467 TechCess

CISA warns of Windows and UnRAR flaws exploited in the wild

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two more flaws to its catalog of Known Exploited Vulnerabilities, based on evidence of active exploitation.One of them has spent more than two years as a zero-day bug in the Windows Support...

Contact Us

Learn more about what Techcess CyberSecurity Group can do for your business.

1-833-TXCYBER
1-833-892-9237

Techcess CyberSecurity Group
6110 Clarkson Lane
Houston, Texas 77055

Techcess CyberSecurity Group

6110 Clarkson Lane
Houston, Texas 77055