Skip to main content

US blames Russia for SolarWinds attack, imposes sanctions

security
(Image credit: Shutterstock / Song_about_summer)

US President Joe Biden has imposed new sanctions on Russia and expelled almost a dozen Russian diplomats from US soil, as per a BBC report. 

One of the key factors behind the move is last year’s SolarWinds supply chain cyberattack, which saw cybercriminals infiltrate more than 18,000 US companies and government organizations.

The US government has now officially blamed the Russian foreign intelligence service (the SVR) for the attack. 

The sanctions target 32 entities and officials, who are also suspected of performing “other acts of disinformation”. Further, starting in June, US financial institutions will no longer be allowed to purchase ruble-denominated bonds.

Back in 2020, a cybercrime group infiltrated the SolarWinds network through compromised Office 365 accounts. The attackers managed to slip SUNBURST malware into an upcoming patch for SolarWinds' infrastructure monitoring and management platform, Orion. 

SolarWinds failed to catch the infection and the rigged patch was downloaded by more than 300,000 organizations. Some 18,000 were infected, including US government institutions, financial institutions and tech companies. 

The incident has been called one of the most devastating supply chain attacks of the decade - and possibly ever. 

Russia has repeatedly denied allegations of its involvement in the breach, and has promised to respond to the sanctions in kind.