US intelligence issued rare public statement claiming Solarwinds hack was 'likely Russian in nature'
- A joint US intelligence task force issued an urgent and initial public reaction to the Solarwinds hack, alleging that the campaign was likely the work of Russian hackers.
- The statement claimed that the hack was "a serious compromise that will require a sustained and dedicated effort to remediate."
- The task force also confirmed that the Treasury, the Departments of State, Homeland Security, Commerce, and Energy were breached in an "intelligence-gathering effort."
- The Cyber Unified Coordination Group was formed by the White House in response to the hack and consists of the FBI, the Office of the Director of National Intelligence, the Cybersecurity and Infrastructure Security Agency, and the National Security Agency.
- Visit Business Insider's homepage for more stories.
A joint task force of investigative US government agencies issued a statement Tuesday charging that the massive Solarwinds hack was 'likely Russian in nature.'
The statement, which was also signed onto by the FBI, the Cybersecurity and Infrastructure Security Agency, and the National Security Agency, marked a rare unified, public response to the hack.
Noting that investigations into the hack are still underway, the statement said that "an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks."
The statement added that the hack was likely "an intelligence gathering effort."
Tuesday's joint statement marked the first cohesive response from the intelligence community since the hack was identified, and it contradicted Trump's claims last month that Chinese hackers were responsible. Secretary of State Mike Pompeo had also publicly endorsed the claim that Russia was behind the hack.
The statement added that the hack was "a serious compromise that will require a sustained and dedicated effort to remediate," adding that since discovering the hack, private sector and US government employees have worked to contain it.
The joint task force also offered additional clarity on which US agencies were targeted.
The statement alleged that less than ten federal bodies had networks breached, but those agencies included the Treasury, as well as the Departments of State, Homeland Security, Commerce, and Energy.
Russian presidential spokesman Dmitry Peskov, as well as the Russian embassy in the US, have denied orchestrating the attacks. A statement issued on the embassy's Facebook page on December 13 said: "Malicious activities in the information space contradict the principles of the Russian foreign policy, national interests and our understanding of interstate relations," adding, "Russia does not conduct offensive operations in the cyber domain."
The hack took place over the course of several months, likely beginning as early as March. Hackers reportedly entered the SolarWinds system - which monitors servers in order to prevent outages - via patch updates made by SolarWinds in March and June.
As hackers put corrupted code into Solarwinds updates, at least 18,000 Solarwinds customers in the public and private sector installed tainted updates, according to US intelligence agencies.
Receive a daily news update on your cellphone. Or get the best of our site emailed to you
Go to the Business Insider front page for more stories.