US intelligence agencies say Russia was likely behind the SolarWinds hack

But some say this disclosure has come several weeks too late.

Sponsored Links

"n"nPicture of a sign with the logo of SolarWinds taken on their office in brno. SolarWinds is an American company that develops software for businesses to help manage their networks, systems, and information technology infrastructure. SolarWinds is headquartered in Austin, Texas, with sales and product development offices in a number of locations in the United States and several other countries around the world.
BalkansCat via Getty Images

America’s intelligence community has issued a joint statement naming Russia as the most likely source of the SolarWinds hack. Representatives from the FBI, NSA and Cybersecurity and Infrastructure Security Agency (CISA), via the Office of the Director of National Intelligence, made the claims yesterday. They jointly claim that the body which managed to gain access to a number of federal agencies and companies is “likely Russian in origin.” 

The New York Times reports that the statement was made, partly, to repudiate comments made by the president on Twitter, accusing China of the hack. The paper added that it believes sentiment within the intelligence community have “few doubts” that Russia was responsible. Senator Mark Warner tweeted criticism of the delay in making the statement, saying that it is unfortunate that it has taken three weeks before officials issued any sort of attribution. 

Officials believe that around 18,000 “public and private sector customers” of SolarWinds’ products have been affected in the hack. They added that a “much smaller number” were then subject to “follow-on activity” in their systems, which includes “fewer than” 10 government agencies. The multi-agency group says that is working to investigate and help where it can, with the FBI working to identify victims and the hackers. CISA, meanwhile, will offer a tool to help victims detect malicious activity stemming from the hack. 

SolarWinds is a network monitoring company with a product called Orion, which hackers managed to breach at some point in March. The list of companies and government bodies that used Orion, however, included names like the US Nuclear Security Administration, Department of Energy, not to mention Microsoft. One of the reasons the attack was so wide-spread was due to the failure of several early-warning systems

In the statement, the agencies say that picking through the remains of this hack will require a “sustained and dedicated effort to remediate.”

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget