Security Experts:

Connect with us

Hi, what are you looking for?



More Countries Officially Blame Russia for SolarWinds Attack

The United Kingdom, Canada, the European Union and NATO have expressed support for the United States in blaming Russia for the cyberattack on IT management company SolarWinds, which impacted organizations worldwide.

The United Kingdom, Canada, the European Union and NATO have expressed support for the United States in blaming Russia for the cyberattack on IT management company SolarWinds, which impacted organizations worldwide.

The announcements were made the same day that the United States expelled 10 Russian diplomats and sanctioned dozens of companies and people in an attempt to punish Russia, which is believed to have orchestrated last year both interference with the US presidential elections and the SolarWinds breach.

The Biden administration said that the sanctions were meant to send a signal to Kremlin that the US is ready to take action against efforts that undermine “the conduct of free and fair democratic elections and democratic institutions in the United States and its allies and partners,” or those that “facilitate malicious cyber activities against the United States and its allies and partners.”

Canada on Thursday said the SolarWinds breach impacted over a hundred Canadian entities, but that it is not aware of any of them being compromised in the cyber-espionage campaign that followed.

“Canada assesses that APT29, also named ‘The Dukes’ or ‘Cozy Bear’ was responsible for this activity, and almost certainly operates as part of Russian Intelligence Services (SVR). This activity is concerning given other Russian state-sponsored actors’ history of disruptive and destabilizing cyber activities. We are voicing our concern to highlight the importance of strengthening our country’s cyber security,” Canada said.

The European Union noted that the SolarWinds cyber-operation had an impact on governments and businesses in EU member states too, voicing concerns over the increased activity targeting “the security and integrity of information and communication technology (ICT) products and services.”

NATO on Thursday revealed that its allies are taking actions to enhance collective security, adding that Russia continues to engage in destabilizing behavior through attempted interference in elections, widespread disinformation campaigns, and malicious cyberattacks.

“The United States and other Allies assess that all available evidence points to the responsibility of the Russian Federation for the SolarWinds hack. We stand in solidarity with the United States,” NATO said, calling for Russia to stop engaging in such behavior.

Just as the United States, the UK on Thursday directly blamed the Kremlin for the SolarWinds attack, naming Russia “the most acute threat to the UK’s national and collective security.” The UK also published additional details on SVR’s cyber activities.

In an advisory on Thursday, the National Security Agency (NSA) warned of Russian hacking operations targeting five known and already patched vulnerabilities, including ones affecting Fortinet FortiGate VPN, Synacor Zimbra Collaboration Suite, Pulse Secure Pulse Connect Secure VPN, Citrix Application Delivery Controller and Gateway, and VMware Workspace ONE Access.

Related: Three New Malware Strains Linked to SolarWinds Hackers

Related: Microsoft Believes 1,000 Hackers Involved in SolarWinds Attack

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...


Twenty-one cybersecurity-related M&A deals were announced in December 2022.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.