A group of U.S. intelligence agencies on Tuesday formally accused Russia of being linked to the recently discovered hack of IT group SolarWinds that compromised much of the federal government. The FBI, the Office of the Director of National Intelligence (ODNI), the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) attributed the effort to Russia. The group had set up a cyber unified coordination group in December after the compromise of SolarWinds was revealed. “This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks,” the agencies said in a joint statement around their investigation into the cyber incident.
More information: https://thehill.com/policy/cybersecurity/532756-us-intel-agencies-blame-russia-for-massive-solarwinds-hack
<p>As was recently reported in the NYT, ‘SolarWinds moved much of its engineering to satellite offices in the Czech Republic, Poland and Belarus, where engineers had broad access to the Orion network management software that Russia’s agents compromised.’ As a former CIA officer who was intrinsically involved in HUMINT-enabled cyber operations, there’s a tremendous window of opportunity — we call it ‘spot, assess, and recruit’ — in areas where there is amplified geopolitical tension. For instance, Belarus is currently struggling against overt Russian influence.</p>