Suspected Russian Hackers Used US Networks, Official Says

A White House official said the SolarWinds breach was executed from within the US.

Bloomberg

February 18, 2021

2 Min Read
Suspected Russian Hackers Used US Networks, Official Says
(L-R) White House Press Secretary Jen Psaki looks on as Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger speaks during the daily press briefing at the White House on February 17, 2021 in Washington, DC. Neuberger told reporters that 9 federal agencies and around 100 companies were impacted by the SolarWinds breach.Drew Angerer/Getty Images

Alyza Sebenius and Jenny Leonard (Bloomberg) -- A sprawling cyber-attack that compromised popular software created by Texas-based SolarWinds Corp. was executed from within the U.S., a top White House official said, though the government believes Russia was responsible.

The federal investigation of the hack will take several months, Deputy National Security Advisor Anne Neuberger said in a briefing for reporters on Wednesday.

“As of today, nine federal agencies and about 100 private-sector companies were compromised,” Neuberger said. She didn’t identify them and said the government hasn’t ruled out the possibility of further victims.

She said the government believes it’s still at the “beginning stages” of understanding the scope and scale of the attack, which was publicly disclosed in December but was likely executed months earlier. “The hackers launched the hack from inside the United States which further made it difficult for the U.S. government to observe their activity,” she said.

Neuberger is leading the U.S. response to the SolarWinds attack. The Texas-based company’s software is used by several government agencies and Fortune 500 companies.

As many as 18,000 SolarWinds’s customers received malicious code through updates to the software, though far fewer are believed to have been targeted for further intrusions by the hackers. The targets included the federal departments of State, Treasury, Homeland Security, Commerce and Energy, including its nuclear weapons agency. The hackers used other methods to infiltrate networks besides SolarWinds, U.S. officials have said.

“Many of the private sector compromises are technology companies, including networks of companies whose products could be used to launch additional intrusions,” Neuberger said.

President Joe Biden said in a Feb. 4 speech at the State Department that the U.S. has “elevated the status of cyber issues within our government.”

The U.S. “will not hesitate to raise the cost on Russia” for the Kremlin’s aggressive behavior, including cyber-attacks, Biden said in the address.

Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.

You May Also Like