The Cyber Unified Coordination Group (UCG), a task force composed of U.S. cybersecurity, intelligence, and law enforcement agencies, announced earlier this week that Russia was “likely” responsible for the 2020 SolarWinds data breach.
In a joint statement, the Cybersecurity and Infrastructure Security Agency (CISA), Office of the Director of National Intelligence (ODNI), NSA, and FBI announced that “an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks.”
“This is a serious compromise that will require a sustained and dedicated effort to remediate,” the statement said.
The statement also outlines how agencies in the UCG will respond to the breach, including investigation, mitigation, and the release of a free software tool to detect “unusual and potentially malicious activity related to this incident.”
While the scope of the SolarWinds hack is still yet to be determined, the Department of Treasury, the National Telecommunications and Information Administration, the Department of State, the National Institutes of Health, the Department of Homeland Security, the Department of Energy, the National Nuclear Security Administration and several statement governments confirmed in December 2021 that their networks were breached in the hack. The Department of Justice has since announced that their email systems had also been breached.