Security News > 2021 > January > Feds Pinpoint Russia as ‘Likely’ Culprit Behind SolarWinds Attack
The U.S. government has identified Russia as the "Likely" culprit behind the widespread SolarWinds cyberattack that has so far affected multiple federal agencies and private-sector companies.
Cyberespionage is cited as the motivation behind the attack, which the feds characterized as ongoing.
In a rare joint statement by the FBI, the Cybersecurity and Infrastructure Security Agency, the Office of the Director of National Intelligence and the National Security Agency, the agencies said a task force assigned to investigate the incident has found indications that Russia was behind the attack, something many government officials and security experts had already suspected.
"And the SolarWinds attack is a perfect example of a state or state-sponsored actor turning their resources to cyberattack. Unlike typical cybercriminals, these threats at this level have almost unlimited resources and will target virtually anything that may forward their agenda."
Eventually, it was discovered that an attack vector leveraging the default password of the SolarWinds platform gave attackers an open door into its software-updating mechanism.
SolarWinds meanwhile is facing a class-action lawsuit from its investors over the financial fallout for the company stemming from the attack and its poor cybersecurity posture in using an easy-to-guess default password.
News URL
https://threatpost.com/feds-russia-culprit-solarwinds/162785/
Related news
- Evil Corp's deep ties with Russia and NATO member attacks exposed (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- SolarWinds Web Help Desk flaw is now exploited in attacks (source)
- SEC Charges 4 Companies Over Misleading SolarWinds Cyber Attack Disclosures (source)