There have been warnings within American intelligence that the SolarWinds attack, which allowed the SVR to place “back doors” on computer networks, could provide Russia with a route for malicious activity against government agencies and corporations.
The new Washington
April 15, 2021, 10:26 p.m. ET
Jake Sullivan, Mr Biden’s national security adviser, has often said that sanctions alone are not enough and that there would be “seen and invisible” actions against Russia. Mr Biden, prior to his inauguration, suggested that the United States would respond to the hack in kind, suggesting some kind of secret cyber response. However, it could take weeks or months for evidence of this activity to emerge if it ever does.
The contract also provides for six Russian companies to support the cyber activities of the Russian secret service.
The measures taken on Thursday were in response to the SolarWinds attack and the election disruption. In addition, government officials said they had sent diplomatic messages to Russia expressing concern over intelligence reports that Russia had paid bounties to encourage Taliban attacks on American troops. However, a senior official said intelligence agencies had little to moderate confidence in their assessment, based in part on information from detainees.
In the SolarWinds breach, Russian government hackers infected network management software used by thousands of government agencies and private companies in what officials believed was an intelligence-gathering mission, at least initially.
The SVR, also known as the Russian Foreign Intelligence Service, is best known for espionage operations. The statement said American intelligence agencies had “great confidence in assessing the attribution” of responsibility to Russia.
In an expert opinion, the United States provided private companies with specific details about the software vulnerabilities used by Russian intelligence agencies to hack into corporate and government systems. Most of these have been well known since FireEye, a private security company, first found evidence of the hack in December. By the time FireEye was discovered, the US government had completely missed its actions, largely because the attack was launched from within the United States – where, as the Russians well know, American intelligence agencies are banned from operating.