Several American security instances agree that Russia was behind the hack on SolarWinds’ software. In doing so, they counter President Trump’s claims that China is behind the hack.
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), Office of the Director of National Intelligence (ODNI) and National Security Agency (NSA) have published a joint statement on the SolarWinds hack.
In the statement, the agencies state that an Advanced Persistent Threat actor of likely Russian origin was behind most or all of the recent cybersecurity attacks on networks of both government agencies and companies. The agencies go on to say that they are taking action against the attack in various ways.
Trump suspects China
The fact that Russia is specifically being mentioned is striking. When the hack was first discovered, security investigators indicated that it is probably of Russian origin. Yet President Trump insisted that not Russia, but China, was behind the attack. Not a single investigator has yet pointed his finger towards China, although the investigators have not yet shared where the link with Russia lies either.
In late 2020 it came to light that the American company SolarWinds had fallen victim to a hack. The Orion software was infected with code that created a backdoor through which attackers could gain access to all the computers on which the IT management software was installed. This was the case in many thousands of computers at various government agencies and large companies.