Report: Russia 'likely' kept access to US networks after SolarWinds hack
Patches might not have been enough.
Russia's alleged success with the SolarWinds hack might not have ended just because US agencies and companies have bolstered their defenses. CNN sources aware of the investigation claim Russia's SVR intelligence agency "likely" still has access to American networks despite efforts to close exploits. The attackers are still "very much out there," one contact said.
Deputy National Security Adviser Anne Neuberger didn't directly acknowledge the allegation when CNN asked, but did say that formally blaming the SVR was meant to "shape [Russia's] calculus" on the value of hacks. The US wasn't going to dissuade Russia with a single action, the adviser said.
A continued presence in American networks is consistent with history. Russia continued to mount cyberattacks against the US after the Obama administration imposed sanctions in late 2016, targeting politicians and other systems during the 2018 midterms and beyond. Even if the US successfully dislodged Russia from government systems, there was a good chance it would find another security hole.
If the report is accurate, though, it illustrates just how difficult it may be to secure a lasting victory against state-sponsored cyberattacks. Even the large-scale response to a campaign like the SolarWinds hack apparently wasn't enough to dislodge the intruders. The US might not get a reprieve for a long, long time to come.