The United Kingdom, Canada, the European Union and NATO have expressed support for the United States in blaming Russia for the cyberattack on IT management company SolarWinds, which impacted organizations worldwide.
The announcements were made the same day that the United States expelled 10 Russian diplomats and sanctioned dozens of companies and people in an attempt to punish Russia, which is believed to have orchestrated last year both interference with the US presidential elections and the SolarWinds breach.
The Biden administration said that the sanctions were meant to send a signal to Kremlin that the US is ready to take action against efforts that undermine “the conduct of free and fair democratic elections and democratic institutions in the United States and its allies and partners,” or those that “facilitate malicious cyber activities against the United States and its allies and partners.”
Canada on Thursday said the SolarWinds breach impacted over a hundred Canadian entities, but that it is not aware of any of them being compromised in the cyber-espionage campaign that followed.
“Canada assesses that APT29, also named ‘The Dukes’ or ‘Cozy Bear’ was responsible for this activity, and almost certainly operates as part of Russian Intelligence Services (SVR). This activity is concerning given other Russian state-sponsored actors’ history of disruptive and destabilizing cyber activities. We are voicing our concern to highlight the importance of strengthening our country’s cyber security,” Canada said.
The European Union noted that the SolarWinds cyber-operation had an impact on governments and businesses in EU member states too, voicing concerns over the increased activity targeting “the security and integrity of information and communication technology (ICT) products and services.”
NATO on Thursday revealed that its allies are taking actions to enhance collective security, adding that Russia continues to engage in destabilizing behavior through attempted interference in elections, widespread disinformation campaigns, and malicious cyberattacks.
“The United States and other Allies assess that all available evidence points to the responsibility of the Russian Federation for the SolarWinds hack. We stand in solidarity with the United States,” NATO said, calling for Russia to stop engaging in such behavior.
Just as the United States, the UK on Thursday directly blamed the Kremlin for the SolarWinds attack, naming Russia “the most acute threat to the UK’s national and collective security.” The UK also published additional details on SVR’s cyber activities.
In an advisory on Thursday, the National Security Agency (NSA) warned of Russian hacking operations targeting five known and already patched vulnerabilities, including ones affecting Fortinet FortiGate VPN, Synacor Zimbra Collaboration Suite, Pulse Secure Pulse Connect Secure VPN, Citrix Application Delivery Controller and Gateway, and VMware Workspace ONE Access.