The Hack Roundup: White House Sanctions Russia over SolarWinds

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

The Biden administration assigned responsibility for a hacking campaign that used software from the firm SolarWinds to infiltrate nine federal agencies and 100 private-sector companies to Russia in conjunction with extensive sanctions on public- and private-sector Russian entities. 

“Today the United States is formally naming the Russian Foreign Intelligence Service (SVR), also known as APT 29, Cozy Bear, and The Dukes, as the perpetrator of the broad-scope cyber espionage campaign that exploited the SolarWinds Orion platform and other information technology infrastructures,” reads a fact sheet the White House released Thursday on the sanctions and other actions to impose costs for the cyber intrusion and other activities the White House deemed harmful. “The U.S. Intelligence Community has high confidence in its assessment of attribution to the SVR.”

The Treasury Department acted on an executive order the president issued designating the SVR as well as six companies—ERA Technopolis; Pasit, AO (Pasit); Federal State Autonomous Scientific Establishment Scientific Research Institute Specialized Security Computing Devices and Automation (SVA); Neobit, OOO (Neobit); Advanced System Technology, AO (AST); and Pozitiv Teknolodzhiz, AO (Positive Technologies)—as blocked from interacting with any U.S. entity. The sanctions were part of a large package brought on by the SolarWinds hack as well as ransomware activity, interference with the 2020 election and other aggressive Russian activities, according to an agency press release. 

“The private and state-owned companies designated today enable the Russian Intelligence Services’ cyber activities,” the release said. “These companies provide a range of services to [Russia’s Federal Security Service], [Russia’s Main Intelligence Directorate], and SVR, ranging from providing expertise, to developing tools and infrastructure, to facilitating malicious cyber activities.”

The administration is also considering further action under Executive Order 13873 to protect the Information and Communications Technology supply chain by banning related imports, according to the fact sheet. 

The U.S. also expelled 10 Russian diplomats…