Get access to Protocol
Echoing the conclusions of several cybersecurity experts following the discovery of the SolarWinds supply-chain attack on U.S. government agencies, the FBI and the NSA officially said for the first time Tuesday that those attacks are "likely Russian in origin."
In a joint statement that included the Cybersecurity and Infrastructure Agency and the Office of the Director of National Intelligence, the government said that the breaches are also believed to be "an intelligence gathering effort," rather than an attempt to disrupt critical national infrastructure as some had feared. President Trump has downplayed or dismissed conclusions from several private-sector companies that Russian hacking groups were behind the breach, suggesting at one point that China was responsible while offering no evidence.
"… of the approximately 18,000 affected public and private sector customers of SolarWinds' Orion product, a much smaller number have been compromised by follow-on activity on their systems," the group said, which is good news for both SolarWinds and its customers. Still, "this is a serious compromise that will require a sustained and dedicated effort to remediate," the group statement said.
Tom Krazit ( @tomkrazit) is a senior reporter at Protocol, covering cloud computing and enterprise technology out of the Pacific Northwest. He has written and edited stories about the technology industry for almost two decades for publications such as IDG, CNET, paidContent, and GeekWire. He served as executive editor of Gigaom and Structure, and most recently produced a leading cloud computing newsletter called Mostly Cloudy.