Click to see full-size image
On January 5th, the US Cyber Unified Coordination Group (UCG) released a statement concluding what the origin of the recent “massive cyber-attack”.
The UCG is made up of the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the National Security Agency (NSA).
A task force was formed to investigate under order of US President Donald Trump.
The UCG is still working to understand the scope of the incident but has the following updates on its investigative and mitigation efforts.
Regardless, though, Russia is to blame.
“This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks. At this time, we believe this was, and continues to be, an intelligence gathering effort. We are taking all necessary steps to understand the full scope of this campaign and respond accordingly.”
The UCG said it believed that, of the approximately 18,000 affected public and private sector customers of Solar Winds’ Orion product, a much smaller number have been compromised by follow-on activity on their systems.
“We have so far identified fewer than ten U.S. government agencies that fall into this category, and are working to identify and notify the nongovernment entities who also may be impacted.
This is a serious compromise that will require a sustained and dedicated effort to remediate. Since its initial discovery, the UCG, including hardworking professionals across the United States Government, as well as our private sector partners have been working non-stop. These efforts did not let up through the holidays. The UCG will continue taking every necessary action to investigate, remediate, and share information with our partners and the American people.”
It then describes what each agency brings to the proverbial table:
FBI:
“As the lead agency for threat response, the FBI’s investigation is presently focused on four critical lines of effort: identifying victims, collecting evidence, analyzing the evidence to determine further attribution, and sharing results with our government and private sector partners to inform operations, the intelligence picture, and network defense.”
CISA:
“As the lead for asset response, CISA is focused on sharing information quickly with our government and private sector partners as we work to understand the extent of this campaign and the level of exploitation. CISA has also created a free tool for detecting unusual and potentially malicious activity related to this incident. In an Emergency Directive posted December 14, CISA directed the rapid disconnect or power-down of affected SolarWinds Orion products from federal networks. CISA also issued a technical alert providing technical details and mitigation strategies to help network defenders take immediate action. CISA will continue to share any known details as they become available.”
ODNI:
“As the lead for intelligence support and related activities, ODNI is coordinating the Intelligence Community to ensure the UCG has the most up-to-date intelligence to drive United States Government mitigation and response activities. Further, as part of its information-sharing mission, ODNI is providing situational awareness for key stakeholders and coordinating intelligence collection activities to address knowledge gaps.”
And, finally the NSA:
“The NSA is supporting the UCG by providing intelligence, cybersecurity expertise, and actionable guidance to the UCG partners, as well as National Security Systems, Department of Defense, and Defense Industrial Base system owners. NSA’s engagement with both the UCG and industry partners is focused on assessing the scale and scope of the incident, as well as providing technical mitigation measures.”
Adam Schiff, chairman of the House of Representatives intelligence committee, said in a statement:
“Congress will need to conduct a comprehensive review of the circumstances leading to this compromise, assess the deficiencies in our defences, take stock of the sufficiency of our response in order to prevent this from happening again, and ensure that we respond appropriately.”
There is, apparently, no evidence, but it is “highly likely” that is Russia, which is of no surprise.
ILLUSTRATIVE IMAGE
President-elect Joe Biden’s initial response spoke of retaliation, but there really isn’t much the United States can do beyond what it already does. Namely accuse without evidence and impose sanctions.
Biden blamed Russia for the hack, and said that Trump made it possible for the hack to happen.
Biden suggested the outgoing president made the country vulnerable to such a crisis, citing Trump’s decision to abolish a White House role responsible for cybersecurity and blasting Trump’s “irrational downplaying of the seriousness of this attack.”
“Enough’s enough … we can’t let this go unanswered,” Biden continued, saying as commander in chief he would respond once the U.S. makes a formal declaration of Russian responsibility but declining to describe how he might do so. “We don’t sit here and say, we’re going to strike you with a nuclear weapon,” Biden told a reporter who asked him to outline possible options.
Biden said he was awaiting a full accounting of the damage done by the hack. Last week, he pledged to “make dealing with this breach a top priority from the moment we take office.”
It, apparently, went under the radar that SolarWinds majority owners Silver Lake and Thoma Bravo sold $286 million of stock just before the company announced a new CEO and disclosed the “massive cyber-attack.”
The private equity firms disposed of more than 13 million SolarWinds stock shares at $21.97 per share on Dec. 7, two days before the IT infrastructure management firm announced Pulse Secure’s Sudhakar Ramakrishna as its next CEO.
And just 4 days later disclosed that it had allegedly experienced a highly sophisticated, manual supply chain attack on certain versions of its Orion network monitoring product.
SolarWinds’ stock is now trading at $18.46, nearly 16 percent lower than what Silver Lake and Thoma Bravo sold their shares for. Silver Lake sold 5.8 percent of its stake in publicly held SolarWinds for $157.5 million, while Thoma Bravo also sold 5.8 percent of its somewhat smaller stake in SolarWinds for $128.3 million.
So it appears that US Security agencies blame Russia, but there appears to be no evidence of that, and the only ones who have gained anything so far are the “victims”.
Russia has denied any involvement.
MORE ON THE TOPIC:
What they bring to the table is ineptitude, incompetence and corruption.
The only damn sure thing is that those who make accusations lie knowing they are lying.
US blob always needs enemies and Russia is so easy a sell
There’s an actual reason (albeit not a good one) Russia, and Iran are the two most popular enemies of the West. The master’s of the Western Government’s serving The City of London, project Cabal hatred, and malicious intent towards these countries through their vassal’s, as an extension of themselves.
The truth is that connecting the dots fits together. Putin poured gasoline all over ME, bombed civilians, stole Crimea under our nose, and now Putin is trying to steal our intellectual property and idea of a New Green Deal with green water, wind and sol bonds in order to take over the global power. Everybody who have just one braincell can see it fits perfect together with Putin’s forced dictatorship gas to Europe.
Everybody with just two braincells can see that it’s the new NEW GREEN GRAB there is no Deal about it. Ps.Il all in for the planet but not that sht
Lol, you don;t even have one braincell, the proof is after reading your dumb comment.
I had never seen a message so deluded from reality and twisted as yours. The U.S set the middle east on fire, the whole WORLD saw it and knows it very well, and Crimea voted a referendum following international law to become part of Russia again, about the last bullshit that you wrote, jesus, no one forced (well actually…one bad actor did)anything onto Europe, it was actually the U.S gestapo that wants to resell the gas to Europe to a much higher cost, why would anyone buy gast from the U.S when you can buy it from Russia pretty cheap and without compromise? Also, Europe whether they like it or not, depend on Russia to be independent, Europe is under the yoke of the U.S, but in the future things may change, after all, business is business :)
Total bullshit. Putin did no such thing. Do you somehow think the Middle East belongs to you ? Russia does not attack civilian populations, you sir, are a fucking liar. Crimea was not stolen from anyone. Is this something else you think belongs to you ? Crimea belongs to Crimean’s. Absolute proof Crimea made the choice to seperate from Ukraine, and join the Russian Federation by means of self-determination, as set forth under International Law. Records on file at The International Court’s in Brussels. You don’t possess any intellect. Therefore no intellectual property exists. Russia is advanced decades ahead of your “intellect” what possible reason would possibly move Russia to take regressive action, and to break it’s own law ? “dictatorship gas pipe”… What in Hell does that even mean ? Russia has been the supplier of gas to Europe since forever. Nordstream II is a joint German/Russian construction project that’s been underway long before US Government was directed to place economic sanctions against Russian Federation, by it’s Zionist Khazar master’s. Russia enjoys an unblemished reputation for low cost, high quality gas and 100% reliable delivery. This product powers EU, and the necessary heat in winter to survive. There is nothing political about this project. Not, limited to this comment, but your entire narrative is nothing more than US military propaganda parroted by you. Old, long disproven propaganda that was fabricated for the purpose of deceiving the population of US, and turn public opinion against Russia, Iran, N. Korea, China, and any country US Government servant’s are directed to turn it’s military PsyOps, and propaganda weapon on. Which makes you an anti-American enemy agent, and a sell-out to your country’s enemy. A traitor, and embarrassment to the people, the country, the flag, and the human species in general. An overpaid automaton parroting prepared programming. Regurgitating, until new programming is installed. A disgrace, you humiliate yourself to appease an employer that despises you, and will end you when there’s no further use for your low-life kind of services.
In sharp contrast, here is an article that looks at how Russia is handling the new global reality:
https://viableopposition.blogspot.com/2020/10/russias-approach-to-new-global-reality.html
It’s long past time when nations around the world use what the West and the United States in particular thinks as a yardstick measuring their behaviours.
There’s a coup d’état happening in the USA right now, at the moment as I type. Southfront should start covering it.