SolarWinds Hack – US officially Blames Russian Intel Agency Hackers

SolarWinds Hack – US officially Blames Russian Intel Agency Hackers

The US has designated 6 Russian technology companies involved in developing tools to facilitate malicious cyber activities like the SolarWinds hack.

In a new development, the United States and the United Kingdom have announced that hackers working for the Russian Foreign Intelligence Service (SVR) are behind the infamous SolarWinds hack and other recently targeted espionage campaigns including attacks on COVID-19 vaccine research facilities.

FBI, NSA, CISA on one page

In a joint cybersecurity advisory [PDF], the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) state that hackers linked to SVR are also exploiting vulnerabilities in five popular VPN services. These include the following:

CVE-2020-4006 VMware

CVE-2018-13379 Fortinet

CVE-2019-9670 Zimbra

CVE-2019-19781 Citrix

CVE-2019-11510 Pulse Secure

Initial SolarWinds Supply Chain Breach

Microsoft and Palo Alto Networks both confirmed that SolarWinds’ Orion software breach was an APT group’s work. The supply chain attack was initially reported on December 8th, 2020, when FireEye confirmed being targeted by a stat ..