While top U.S. officials, including Secretary of State Mike Pompeo, have previously suggested that the burglary campaign be carried out by a Russian-backed group, Tuesday’s joint statement provides the most definitive and concrete assessment of the origin of the attack by agencies. investigating the incident.
In short, the statement issued by the Cyber Unified Coordination Group (UCG) clearly acknowledges what US officials and experts have suspected since the data breach was first announced last month: the responsible actor of the Advanced Persistent Threat (APT) is probably Russian in origin. “
This assessment is contrary to what President Donald Trump has publicly said in the weeks since the data breach first came to light.
Trump had earlier questioned the intelligence that the hackers were linked to Russia, and he underestimated the impact of the offense, which according to U.S. officials and experts is historic and could take years before he understands it well.
The attack, which affected “less than ten” U.S. government agencies and a number of private-sector businesses, is thought to be an attempt to gather information, but investigators are still working to understand its full extent, Tuesday’s joint statement added. by.
Even as U.S. officials continue to grapple with the dropout, the statement said investigators currently believe the attack is not an ‘act of war’ as some lawmakers have suggested.
The Cyber Unified Coordination Group, which consists of the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the National Security Agency ( NSA), has met twice a day since the government was briefed on the cap as it worked to assess the extent of the damage and the possible culprits responsible for the attack.
This is because U.S. officials are still working to discover the full extent of the offense. A senior government official told CNN on Monday that more than 250 government networks and companies had been affected by the hack, but that U.S. officials were still trying to assess the damage. The official says: “We think it could be a lot more.”
In addition to assessing the damage, investigators are working to discover exactly how the attackers gained access to U.S. networks. The focus on SolarWinds, an attacker of private contractors who are exploited to gain access to possibly thousands of public and private sector organizations, continues.
The FBI is involved in the case and is investigating whether the infiltration was involved in the company’s operations in Eastern Europe, according to two sources familiar with the matter. The intelligence community is also investigating the company’s activities in Eastern Europe.
SolarWinds has outsourced much of its technical expertise to employees and software engineers in countries such as Belarus, Poland and the Czech Republic. A former National Security Agency official told CNN on Monday that foreign workers working for US IT companies in those countries were considered the main targets for recruitment by Russian intelligence services.
This story is about to break and will be updated.