Russia Officially Denies Large-scale US Hack

Russia has officially denied any culpability for a recent cyber-attack that impacted at least six federal agencies in the United States.

America's Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive last week after cyber-criminals trojanized updates to SolarWinds’ Orion IT monitoring and management software to launch a large-scale cyber-attack. 

CISA said that the incident poses "unacceptable risk to the security of federal networks" and urged all federal civilian agencies to review their networks for indicators of compromise and to disconnect or power down SolarWinds Orion products immediately.

SolarWinds, an IT company based in Austin, Texas, which serves government customers across the executive branch, the military, and the intelligence services, stated on December 20 that it was the victim of a sophisticated supply-chain attack that "could potentially allow an attacker to compromise the server on which the Orion products run." 

The company has not attributed the attack to any particular threat actor, stating only that "we’ve been advised that the nature of this attack indicates that it may have been conducted by an outside nation state, but SolarWinds has not verified the identity of the attacker."

While the US government has not publicly identified who might be behind the hacking, Reuters reported on December 15 that "three of the people familiar with the investigation said Russia is currently believed to be responsible for the attack."

Secretary of State Mike Pompeo publicl ..

Support the originator by clicking the read the rest link below.