US spy agencies review software suppliers' ties to Russia following SolarWinds hack

US spy agencies review software suppliers' ties to Russia following SolarWinds hack
Written by May 6, 2021 | CYBERSCOOP

U.S. intelligence agencies have begun a review of supply chain risks emanating from Russia in light of the far-reaching hacking campaign that exploited software made by SolarWinds and other vendors, a top Justice Department official said Thursday.

The review will focus on any supply chain vulnerabilities stemming from Russian companies — or U.S. companies that do business in Russia, according to John Demers, the assistant attorney general for national security.

“If there’s back-end software design and coding being done in a country where we know that they’ve used sophisticated cyber means to do intrusions into U.S. companies, then maybe … U.S. companies shouldn’t be doing work with those companies from Russia or other untrusted countries,” Demers said during a Justice Department-hosted cybersecurity conference.

Demers said that the FBI and other intelligence agencies will pass any information obtained from the review to the Commerce Department to decide if further action to exclude vendors from U.S. supply chains is warranted.

The White House has blamed Russia’s SVR foreign intelligence agency for the espionage activity, which exploited SolarWinds software and infiltrated at least nine U.S. federal agencies.  The Biden administration has also sanctioned Russian technology companies for alleging supporting Russian intelligence agencies’ cyber operations. Moscow denied the allegations.

Yet the U.S. intelligence review shows that the Biden administration is still studying how future spying operations mi ..

Support the originator by clicking the read the rest link below.