US Russia chess game

Russia sanctioned over SolarWinds, election interference -- even as cyber espionage continues

In response to the hacking campaign against SolarWinds and interference in the presidential election, the White House last week announced a range of sanctions against Russia.

The sanctions target six technology companies that support the country’s spy services and  prohibit U.S. financial institutions from doing business with certain Russian financial institutions. The administration is also expelling 10 Russian intelligence officers working in Washington.

“Today the United States is formally naming the Russian Foreign Intelligence Service (SVR) … as the perpetrator of the broad-scope cyber espionage campaign that exploited the SolarWinds Orion platform and other information technology infrastructures,” according to an April 15  White House statement. “The U.S. Intelligence Community has high confidence in its assessment of attribution to the SVR.”

"This is a positive, welcome step towards adding more friction to Russian operations,” FireEye CEO Kevin Mandia said in a statement. “Simply naming the SVR, as well as the corporations that support it will inform our defense. Unfortunately, we are unlikely to fully deter cyber espionage and we will have to take serious action to better defend ourselves from inevitable future intrusions.” FireEye is credited with initially discovering the breach into SolarWinds.

“Today is a huge, precedent-setting day for attributing Russian intelligence operations, both cyber operations narrowly defined, but also influence operations and active measures," Thomas Rid, a professor of strategic studies at John Hopkins University, commented on Twitter.

Around the same time as the White House’s announcement, the National Security Agency, the Cybersecurity and Infrastructure Security Agency and the FBI published a joint advisory warning of five vulnerabilities in different software that Russian intelligence services are actively exploiting.

“This advisory is being released alongside the U.S. Government’s formal attribution of the SolarWinds supply chain compromise and related cyber espionage campaign,” the agencies said. “NSA, CISA, and FBI strongly encourage all cybersecurity stakeholders to check their networks for indicators of compromise related to all five vulnerabilities and the techniques detailed in the advisory and to urgently implement associated mitigations.”

A longer version of this article was first posted to FCW, a sibling site to GCN.

About the Author

Justin Katz is a former staff writer at FCW.


Featured

  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected