Major US intelligence agencies concluded Tuesday that the recent massive cyber attack that infiltrated the systems of the federal government and major corporations in the country “likely” came from Russia and was an act of espionage.
In a joint statement, four intelligence agencies in the country of Moscow publicly identified for the first time as the likely person responsible for the cyberattack, something that outgoing US President Donald Trump has questioned, to the point where the possibility was raised. that it was China.
According to intelligence sources consulted by the US media, there is no indication that the hacking could come from China, and the statement was apparently an attempt to correct that idea Trump has spread in his tweets.
“Our work indicates that a sophisticated and persistent threat actor, likely of Russian origin, is responsible for most or all of the recently discovered acts that are still active and that endanger both government and government networks. Non-governmental,” says the note.
“We believe this was and still is an attempt to gather intelligence,” added the statement signed by the Federal Bureau of Investigation (FBI), the National Security Agency (NSA). of Cybersecurity and Security in Infrastructures (CISA) and the Office of the Director of National Intelligence.
The Kremlin has publicly denied that it had anything to do with that cyberattack, which was discovered late last year but may have started in October 2019 and may still be active, according to US authorities.
Those responsible for the attack penetrated all types of systems through updates to a popular program from US technology company SolarWinds called Orion, which is used to monitor computer networks by both the government and hundreds of large corporations.
However, the four intelligence agencies assured that while the cyber attack affected “about 18,000 SolarWinds customers,” only “a much smaller number” recorded damage from “subsequent activity in their systems.”
“So far, we have identified fewer than ten US government agencies that fall into that category, and we are working to identify non-governmental entities that may also be affected,” the agencies said.
One such entity is software giant Microsoft, which revealed last week that the hack penetrated deeper into its system than it realized, exposing at least some of the source code.
The CISA announced in December that the cyber attack posed a “serious risk” to the federal government, as it has endangered the country’s “critical infrastructure” and will make it “extremely difficult” to secure the security of the affected systems. fully recover.
The intelligence services stressed that they are still trying to “understand the full dimensions of this campaign” and that when they do, they will respond to the cyber attack.
US President-elect Joe Biden has pledged to retaliate “substantially” for the cyber-attack once he comes to power on January 20, though he has avoided blaming the attack directly on Russia, arguing that it is Trump who must determine who the author was.