Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

More Countries Officially Blame Russia for SolarWinds Attack

The United Kingdom, Canada, the European Union and NATO have expressed support for the United States in blaming Russia for the cyberattack on IT management company SolarWinds, which impacted organizations worldwide.

The United Kingdom, Canada, the European Union and NATO have expressed support for the United States in blaming Russia for the cyberattack on IT management company SolarWinds, which impacted organizations worldwide.

The announcements were made the same day that the United States expelled 10 Russian diplomats and sanctioned dozens of companies and people in an attempt to punish Russia, which is believed to have orchestrated last year both interference with the US presidential elections and the SolarWinds breach.

The Biden administration said that the sanctions were meant to send a signal to Kremlin that the US is ready to take action against efforts that undermine “the conduct of free and fair democratic elections and democratic institutions in the United States and its allies and partners,” or those that “facilitate malicious cyber activities against the United States and its allies and partners.”

Canada on Thursday said the SolarWinds breach impacted over a hundred Canadian entities, but that it is not aware of any of them being compromised in the cyber-espionage campaign that followed.

“Canada assesses that APT29, also named ‘The Dukes’ or ‘Cozy Bear’ was responsible for this activity, and almost certainly operates as part of Russian Intelligence Services (SVR). This activity is concerning given other Russian state-sponsored actors’ history of disruptive and destabilizing cyber activities. We are voicing our concern to highlight the importance of strengthening our country’s cyber security,” Canada said.

The European Union noted that the SolarWinds cyber-operation had an impact on governments and businesses in EU member states too, voicing concerns over the increased activity targeting “the security and integrity of information and communication technology (ICT) products and services.”

NATO on Thursday revealed that its allies are taking actions to enhance collective security, adding that Russia continues to engage in destabilizing behavior through attempted interference in elections, widespread disinformation campaigns, and malicious cyberattacks.

“The United States and other Allies assess that all available evidence points to the responsibility of the Russian Federation for the SolarWinds hack. We stand in solidarity with the United States,” NATO said, calling for Russia to stop engaging in such behavior.

Advertisement. Scroll to continue reading.

Just as the United States, the UK on Thursday directly blamed the Kremlin for the SolarWinds attack, naming Russia “the most acute threat to the UK’s national and collective security.” The UK also published additional details on SVR’s cyber activities.

In an advisory on Thursday, the National Security Agency (NSA) warned of Russian hacking operations targeting five known and already patched vulnerabilities, including ones affecting Fortinet FortiGate VPN, Synacor Zimbra Collaboration Suite, Pulse Secure Pulse Connect Secure VPN, Citrix Application Delivery Controller and Gateway, and VMware Workspace ONE Access.

Related: Three New Malware Strains Linked to SolarWinds Hackers

Related: Microsoft Believes 1,000 Hackers Involved in SolarWinds Attack

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.