5 Jan, 2021 22:11

US intel says ‘fewer than 10’ government agencies affected by follow-on SolarWinds hack, ‘likely Russian in origin’

Among the approximately 18,000 corporations and agencies believed to be affected by the SolarWinds hack, “fewer than 10” government entities have been compromised in a follow-on attack, according to senior intelligence officials.

Director of National Intelligence John Ratcliffe has officially blamed Russia for the latest infiltration of SolarWinds, a tech firm that provides networking and security management services for many US government agencies. Rather than the usual “highly likely” used to delineate dodgy intel, however, Ratcliffe could only say the Kremlin’s responsibility was “likely” in remarks on Tuesday.

Ratcliffe insisted the infiltrations seem to be for “intelligence-gathering” only, and attempted to reassure the public that fewer than 10 government agencies had been further compromised.

“This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks,” read a statement from a unified cyber coordination group comprising ODNI, NSA and CISA.

The cyber group “believes” that just a tiny fraction of the approximately 18,000 affected SolarWinds customers were targeted by any malicious follow-on activity. The megahack apparently went unnoticed by any government agency until private security firm FireEye reported it. In what would seem to be dumb luck rather than skill, the company noticed its own network being hacked and revealed the mammoth size of the breach.

Despite immediate claims of Russian technological aggression, FireEye admitted on Monday that the hack had actually come from within the US – ignominiously pouring cold water on Russiagate-style conspiracy-theorizing.
