Disclosed in December, the hack struck eight federal agencies and numerous companies, including software provider SolarWinds Corp. U.S. intelligence agencies publicly attributed it to Russian state actors. Moscow has denied involvement in the hack.
While we learned of SolarWind’s attack on December 13th, the first disclosure of its consequence was made on December 8th when leading cybersecurity firm FireEye revealed that it was hacked by a nation-state APT group.
“In weeks, not months,” said a senior officer on Friday, Biden administration will respond to the SolarWind hackers, who used the U.S. technology company as a springboard to compromise a raft of U.S. government agencies.
“The third part of what we are doing about it is responding to the perpetrators of the attack. You can expect further announcements on that in weeks, not months,” said the official, who declined to be named, in a telephone briefing with reporters.
The operation, identified in December and probably arranged by Russia, violated SolarWinds Corp, which allowed hackers to gain access to thousands of companies and government offices using their products.
Microsoft President Brad Smith described the attack as “the largest and most sophisticated attack the world has ever seen.”
The Senior Official also noted the independent review by most of the nine federal government agencies affected by SolarWind’s hack and by the end of March, the independent review will be completed by all.
In Microsoft ID management tools, hacking which has also hurt 100 individual companies used corrupted SolarWinds code and weakness.
Just after winning the US Elections, President Joe Biden announced that he is recruiting a group of highly cyber-experienced national security veterans, attracting praise from former defence officials and investigators as the U.S. government is trying to recover from one of its agencies’ largest hacks attributed to Russian spies.