Tag Archive for: russian

White House blames Russian spy agency SVR for SolarWinds hack – Benchmarking Change

/in


The White House said in a statement on Thursday that Russia’s foreign intelligence service, known as the SVR, was responsible for the SolarWinds hack, which led to the compromise of nine federal agencies and hundreds of private sector companies.

Senior US government officials had already said the Russian government was responsible for the sprawling cyber attack, but Thursday’s announcement offers the first formal statement pinning the operation on a specific agency.

The White House statement was paired with a series of sanctions against five Russian cyber security firms, which the Treasury Department said had been involved in supporting Russian cyber operations.

SVR has reportedly dismissed the claim as “nonsense” and “windbaggery”.

While some national security experts say the SolarWinds hacking operation could be viewed as a traditional espionage activity that is not uncommon between government hackers, the Treasury Department in its statement said the “scope and scale of this compromise combined with Russia’s history of carrying out reckless and disruptive cyber operations makes it a national security concern.”

The National Security Agency, FBI and Cybersecurity Infrastructure Security Agency also revealed on Thursday that the SVR was exploiting five known computer software vulnerabilities.

The announcement came with links to a series of related software patches by the companies who make those products, including VMware and Fortinet.

“The vulnerabilities in today’s release are part of the SVR’s toolkit to target networks across the government and private sectors. We need to make SVR’s job harder by taking them away,” Rob Joyce, NSA director of cybersecurity, said.

Source…

FACT SHEET: Imposing Costs for Harmful Foreign Activities by the Russian Government

/in


The Biden administration has been clear that the United States desires a relationship with Russia that is stable and predictable. We do not think that we need to continue on a negative trajectory. However, we have also been clear—publicly and privately—that we will defend our national interests and impose costs for Russian Government actions that seek to harm us.

Today the Biden administration is taking actions to impose costs on Russia for actions by its government and intelligence services against U.S. sovereignty and interests.

Executive Order Targeting the Harmful Foreign Activities of the Russian Government
Today, President Biden signed a new sanctions executive order that provides strengthened authorities to demonstrate the Administration’s resolve in responding to and deterring the full scope of Russia’s harmful foreign activities. This E.O. sends a signal that the United States will impose costs in a strategic and economically impactful manner on Russia if it continues or escalates its destabilizing international actions. This includes, in particular, efforts to undermine the conduct of free and fair democratic elections and democratic institutions in the United States and its allies and partners; engage in and facilitate malicious cyber activities against the United States and its allies and partners; foster and use transnational corruption to influence foreign governments; pursue extraterritorial activities targeting dissidents or journalists; undermine security in countries and regions important to United States national security; and violate well-established principles of international law, including respect for the territorial integrity of states.  

The U.S. Department of the Treasury (Treasury) carried out the following actions pursuant to the new E.O.:

  • Treasury issued a directive that prohibits U.S. financial institutions from participation in the primary market for ruble or non-ruble denominated bonds issued after June 14, 2021 by the Central Bank of the Russian Federation, the National Wealth Fund of the Russian Federation, or the Ministry of Finance of the Russian Federation; and lending ruble or non-ruble denominated funds to the Central…

Source…

Biden needs to respond to Russian hacking

/in


President Joe Biden is a famously nice guy. Maybe he should stop being nice, just for a while.

His administration is reportedly close to punishing Russia for a series of glaring transgressions and abuses, including the epic SolarWinds Corp. computer hack that has left governments and businesses worldwide exposed to a mammoth data breach. As Bloomberg News reported Wednesday, the White House may soon announce economic sanctions against individuals close to Russian President Vladimir Putin and expel Russian diplomats from the U.S. There also may be “private talks with Russia laying out further actions the U.S. would be prepared to take.”

I don’t know. When you haven’t taken any action, telling the people who have been picking your pocket that there are further actions you would be prepared to take if they don’t change their ways doesn’t seem threatening.

And the clock is ticking. The SolarWinds hack burst into view in December, but by then it had been running undetected for months. In late February, amid congressional inquiries into the intrusion, National Security Advisor Jake Sullivan said the Biden administration would soon deploy a “mix of tools seen and unseen” against Russia that went well beyond economic sanctions. Those actions were said to be just weeks away. In March, White House Press Secretary Jen Psaki said a “mix of actions seen and unseen” were on the way.

Now it’s April, and Biden still hasn’t acted. What’s more, he has yet to appoint a national cyber director, the person with the authority to coordinate speedy responses to cyberattacks. Congress created the position late last year through defense legislation that overcame a veto from former President Donald Trump. The expectation was that Biden’s White House, which has prioritized cybersecurity, would fill the role quickly. But bureaucratic squabbles have left it empty.

Source…

Biden Needs to Get Serious About Russian Hacking

/in


Expect never-ending cyberwarfare.

Expect never-ending cyberwarfare.

Photographer: Chris Ratcliffe/Bloomberg

Photographer: Chris Ratcliffe/Bloomberg

President Joe Biden is a famously nice guy. Maybe he should stop being nice, just for a while.

His administration is reportedly close to punishing Russia for a series of glaring transgressions and abuses, including the epic SolarWinds Corp. computer hack that has left governments and businesses worldwide exposed to a mammoth data breach. As Bloomberg News reported Wednesday, the White House may soon announce economic sanctions against individuals close to Russian President Vladimir Putin and expel Russian diplomats from the U.S. There also may be “private talks with Russia laying out further actions the U.S. would be prepared to take.”

I don’t know. When you haven’t taken any action, telling the people who have been picking your pocket that there are further actions you would be prepared to take if they don’t change their ways doesn’t seem threatening.

And the clock is ticking. The SolarWinds hack burst into view in December, but by then it had been running undetected for months. In late February, amid congressional inquiries into the intrusion, National Security Advisor Jake Sullivan said the Biden administration would soon deploy a “mix of tools seen and unseen” against Russia that went well beyond economic sanctions. Those actions were said to be just weeks away. In March, White House Press Secretary Jen Psaki said a “mix of actions seen and unseen” were on the way.

Now it’s April, and Biden still hasn’t acted. What’s more, he has yet to appoint a national cyber director, the person with the authority to coordinate speedy responses to cyberattacks. Congress created the position late last year through defense legislation that overcame a veto from former President Donald Trump. The expectation was that Biden’s White House, which has prioritized cybersecurity, would fill the role quickly. But…

Source…