The US government accused Russia of attacking SolarWinds and imposed sanctions on a number of companies

Chinese Hackers Also Took Part In Hacking Solarwinds Clients.jpg

American authorities officially blamed Russia for the attack on SolarWinds and its customers. Joe Biden’s administration claims that the Russian Foreign Intelligence Service and its “government hackers” known as APT 29, Cozy Bear or The Dukes were behind the attack. According to the authorities, they “used the SolarWinds Orion platform and other IT infrastructures as part of a large-scale cyber-espionage campaign.”

“Compromising the SVR of SolarWinds’ supply chain has enabled them to spy on and potentially disrupt more than 16,000 computer systems around the world,” the White House said in a statement.

UK government supported the White House statement also links the attack on SolarWinds to the SVR. The European Commission has also prepared its own statement, in which he also blames Russia, but does not claim that the Foreign Intelligence Service was behind this incident.

Chinese Hackers Also Took Part In Hacking Solarwinds Clients.jpg

The SolarWinds hack has become one of the largest supply chain attacks in history.

In December 2020, it became known that unknown attackers had attacked SolarWinds and infected its Orion platform with malware.

According to official figures, of the 300,000 SolarWinds customers, only 33,000 were using Orion, and the infected version of the platform was installed on approximately 18,000 customers. As a result, the victims included such giants as Microsoft, Cisco, FireEye, as well as many US government agencies, including the Department of State, the Department of Justice and the National Nuclear Security Administration.

On the same day, the US Treasury Department imposed sanctions against six Russian IT companies that the US government believes have helped the SVR and GRU with their technical expertise and services during past operations. The sanctions affected Technopolis Era, JSC Pasit, the Federal State Autonomous Scientific Institution Research Institute of Specialized Computing Devices and Safety Automation, Neobit LLC, Advanced System Technologies JSC, and Positive Technologies JSC. In addition to them, the information agencies Southfront, Newsfront, Inforos and the Russian Strategic Culture Foundation were also sanctioned.

In particular, the US Treasury says that Positive Technologies has clients in the Russian government, including the FSB, and regularly holds large-scale conventions where the FSB and GRU recruit new employees for themselves.

Positive Technologies representatives have already published official answer, which denies all the accusations made by the American authorities. Below you can see the full version of the company’s statement.

“We, as a company, reject the unfounded accusations made against us by the US Treasury Department: in our nearly twenty-year history of our work, there has not been a single fact of using the results of Positive Technologies research activities outside the traditions of ethical exchange of information with the professional information security community and transparent business conduct.

Our global goal is to create products and technologies designed to improve overall cyber security throughout the world, as well as to create conditions for the most effective counteraction to cyber attacks in the interests of society, business and the state, regardless of geopolitics, with maximum openness and focus on cooperation ( including international).

Positive Technologies technologies are used all over the world, and today thousands of companies from various business sectors and government agencies from different countries trust us with their security. The company has more than 1,100 employees, at the end of 2020 we earned 5.6 billion rubles ($ 73 million, according to RAS) and grew by 55% in relation to 2019. Over the past five years, the average growth of the company has been 41%. We have been recognized as one of the fastest growing and most visionary companies in security and vulnerability management solutions by independent international think tanks.

Despite the fact that the company is not public, the market values ​​our capitalization highly – at several billion dollars. This proves the high interest in our technologies and a serious level of trust in the company. To maintain this trust, we adhere to the principles of maximum transparency at all levels of our activities, from research to commercial, including the financial statements of the company.

We are known to the global cybersecurity community as visionaries and leaders in ethical security research. For example, our researchers identify hundreds of zero-day vulnerabilities per year in IT systems of various classes and types. All vulnerabilities found, without exception, are provided to software manufacturers under the responsible disclosure policy and are not disclosed until they release the corresponding update. Each such study is highly appreciated by the manufacturers of these systems and is used to improve the security of their final product.

Traditions of transparency and openness are reflected in the Positive Hack Days forum, which we have been holding since 2011. The Forum is a public platform for the exchange of expertise, training and advanced training in the field of cybersecurity and annually brings together thousands of cybersecurity and business experts from different countries, representatives of the CTF movement, scientists, students and even schoolchildren. In connection with the pandemic, we switched to a hybrid format, and therefore everything that happens on the forum can be seen by a wide audience online, where we provide simultaneous translation into English so that anyone from anywhere in the world can see a topic of interest to him. The event is completely open to attendance and participation.

We sincerely believe that geopolitics should not be an obstacle to the technological development of society, and for our part, we will continue to do what we are good at – to ensure cybersecurity and increase cybersecurity throughout the world. Therefore, we continue our work as usual with full observance of all obligations to our customers, partners and employees. ”


ProApk on Telegram

ProApk on Google News

ProApk on Twitter

ProApk on Facebook