Major U.S. intelligence agencies concluded Tuesday that the recent massive cyberattack that penetrated the systems of the federal government and large country companies “probably” came from Russia, and was an act of espionage.
In a joint statement, four country intelligence agencies publicly pointed to Moscow for the first time as the likely perpetrator of the cyberattack, which outgoing US President Donald Trump has questioned until point of raising the possibility that it was China.
According to intelligence sources consulted by the US media, there is no indication that the check may have come from China, and the statement was apparently an attempt to correct this idea that Trump has spread in his tweets.
“Our work indicates that an actor creating a persistent and advanced threat, probably Russian in origin, is responsible for most or all of the acts that were recently discovered, that are still active and that endanger both the governmental as well as non-governmental networks, ”the note notes.
“We believe this was, and still is, an attempt to gather intelligence,” the statement, signed by the Federal Bureau of Investigation (FBI), the National Security Agency English), the Cybersecurity and Infrastructure Security Agency (CISA) and the office of the Director of National Intelligence.
The Kremlin has publicly denied that it had anything to do with this cyberattack, which was detected late last year, but may have started in October 2019 and could still be active, according to US authorities .
Those responsible for the attack went into all sorts of systems through updates to a popular program from the American technology company SolarWinds, called Orion and used to monitor computer networks both the Government and hundreds of large companies.
The four intelligence agencies said, however, that although the cyberattack affected “approximately 18,000 customers” of SolarWinds, only “a much smaller number” has reported damage from “subsequent activity on their systems.”
“So far we have identified less than ten U.S. government agencies that fall into this category, and we are working to identify non-governmental entities that may also be impacted,” the agencies said.
Among those entities is software giant Microsoft, which last week revealed that the hack penetrated deeper into its system than it believed, and exposed at least some of its source code.
The CISA already advanced in December that the cyberattack posed a “serious risk” to the federal government, “crucial infrastructure” has already been committed in the country and it will be “extremely difficult” to fully restore security in the affected systems.
Intelligence agencies stressed that they are still trying to “understand the full dimensions of this campaign” and that when they do, they must respond to the cyberattack.
U.S. President-elect Joe Biden has vowed to take “substantial” retaliation for the cyberattack once he comes to power on Jan. 20, though he has avoided attributing the aggression directly to Russia for now. arguing that it is Trump who must establish who the perpetrator was.