SolarWinds Hack – US officially Blames Russian Intel Agency Hackers

SolarWinds Hack – US officially Blames Russian Intel Agency Hackers

The US has designated 6 Russian technology companies involved in developing tools to facilitate malicious cyber activities like the SolarWinds hack.


In a new development, the United States and the United Kingdom have announced that hackers working for the Russian Foreign Intelligence Service (SVR) are behind the infamous SolarWinds hack and other recently targeted espionage campaigns including attacks on COVID-19 vaccine research facilities.


FBI, NSA, CISA on one page


In a joint cybersecurity advisory [PDF], the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) state that hackers linked to SVR are also exploiting vulnerabilities in five popular VPN services. These include the following:


CVE-2020-4006 VMware


CVE-2018-13379 Fortinet


CVE-2019-9670 Zimbra


CVE-2019-19781 Citrix


CVE-2019-11510 Pulse Secure


Initial SolarWinds Supply Chain Breach


Microsoft and Palo Alto Networks both confirmed that SolarWinds’ Orion software breach was an APT group’s work. The supply chain attack was initially reported on December 8th, 2020, when FireEye confirmed being targeted by a stat ..