Kremlin Releases Official Statement Denying Involvement in Massive SolarWinds Malware Attack
Russia has officially denied involvement in the SolarWinds cyberattacks. In one of the worst hacking cases in US history, the six-month-long attack compromised several US federal government agencies, including the US Treasury and the Department of Homeland Security (DHS).
On Friday, US Secretary of State Mike Pompeo said in an interview on The Mark Levin Show that Russia may be behind the attack.
“Russia is not involved in such attacks, namely this one. We state this officially and firmly,” Kremlin Spokesman Dmitry Peskov told TASS reporters on Monday.
The attack involves a software update from a US-based private company called SolarWinds. The company produces enterprise-level software, called Orion, that is responsible for management and network security. It is used by hundreds of US agencies and government contractors, as well as private corporations in the United States and the United Kingdom.
The attack was discovered on 8 December. However, the malware had been quietly infecting and spying on government and private networks since at least March 2020. The malware attack impacted 18,000 customers, according to SolarWinds.
The SolarWinds cyberattack successfully compromised tech giant Microsoft as well as world-renowned cybersecurity firm FireEye, which first discovered it.
Feds Say Attack Poses a Grave Risk
Last week the DHS Cybersecurity and Infrastructure Security Agency (CISA) released a bulletin stating that the cyberattack “poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations.”
On Saturday, outgoing US President Donald Trump, who had so far been silent about the cyberattack, cast doubt on Russia’s involvement. Trump pointed the finger at China and said that the US media had wrongly implicated Russia.
Trump fired the Director of CISA, Christopher Krebs, last week. Krebs had refused to support Trump’s claims that the US Presidential election was hacked.
SolarWinds is a Sophisticated Cyberattack
This appears to be the work of a sophisticated threat actor that carefully planned and injected SUNBURST malware through a backdoor. The malware was no off-the-shelf solution like those used in many attacks. It was continually tweaked by the attackers to ensure success against individual targets with custom security configurations.
“Definitely, this discussion has nothing to do with us,” Peskov emphasized.
The malware attack was first discovered by US-based company FireEye, which was itself compromised in the SolarWinds attack. The SolarWinds cyberattack appears to have started back in March 2020 and went undetected until it was discovered this month.