In December 2020, in order to attack the US government, hackers attacked SolarWinds , a company that supplies it with software. This is thanks to a malicious program designed to target Orion software developed by the US government service provider.
According to a joint statement recently issued by the FBI (Federal Bureau of Investigation), CISA (Cybersecurity and Infrastructure Security Agency), ODNI (Office of the Director of National Intelligence) and NSA (National Security Agency), everything indicates that the Russians would be behind the operation.
Moreover, an article in the Washington Post , this hypothesis had already been put forward, shortly after the event that occurred last December .
More recently, the FBI, the CISA, the ODNI as well as the NSA thus indicated that this cyberattack organized by Russia was intended to gather information. Faced with these accusations, the Russians have denied any involvement in this affair.
Hacking through software widely used in the United States
As noted, instead of directly attacking the US government or the network of one of its organizations, the hackers preferred to attack one of their software vendors.
And it was done thanks to the targeting of the app called Orion. SolarWinds has become the perfect target, with no less than 33,000 companies using its program.
Hackers have indeed exploited a flaw in an update of Orion, in order to allow their virus, Sunburst , to infiltrate the system and infect users' machines. 18,000 SolarWinds customers were thus at the mercy of hackers.
The hackers then just had to sort it out, and finally launch a second attack, via another malware, Teardrop .
Only the Russians would be behind this cyberattack
According to the United States administration, the Russians are therefore behind the SolarWinds hack. More precisely, the SVR, which is none other than the Russian foreign intelligence service, is notably responsible.
Obviously, the Russian government has denied its involvement in this cyberattack, even though the FBI, CISA, ODNI, and NSA now officially accuse it of instigating it. According to these 4 agencies, which together form the UGC (Cyber Unified Coordination Group), the Russians carried out this hacking in order to gather intelligence concerning American organizations.
A case to follow.