Previously, US President Donald Trump had accused China of malicious security incidents; security experts and officials have suspected China to be involved in the recent cyberattacks on the US government and several other organizations in the nation but now other members of his administration are pointing out the finger at Moscow.
In a joint statement on 5 January, the intelligence bodies said, “the attack believed to be an ‘intelligence gathering’ attempt, rather than cyber warfare, as touted by multiple lawmakers including President Donald Trump. Currently, it is also being observed that cyber-attack which attempted to sabotage online privacy and information has affected fewer than ten US government agencies along with several other organizations outside government”.
A collective report of government organizations, the UGC, also called Cyber Unified Coordination Group which has been set up to deal with the recent attack, stated that the Advance Persistence Threat (APT) actor which is responsible for the cyberattack was “likely Russian in origin”. It also said other government organizations that are collaborating for the collective report, are the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), the Office of the Director of National Intelligence (ODNI), and the National Security.
The intelligence stated that the research regarding this is still going on to understand the scope of the data compromised during cyber attacks.
According to the committee, the hacking attempts were initially made in March 2019 when the updated version of the IT network management tool called Orion was compromised.
The report says those thousands of people who had installed this hacked tool across American territory, many of whom worked in important US federal agencies.
Besides non-government organizations, a major part of the US government was compromised during the recent cyber attacks such as the Treasury and Department of Commerce, and the National Telecommunications and Information Administration.
“This is a serious compromise that will require a sustained and dedicated effort to remediate. Many organizations have to scour their systems for signs that they may have been compromised.
The incident sent shockwaves across the US partly because the breach was undiscovered for many months and was potentially far-reaching in terms of who it might have affected. It also suggested a degree of sophistication and stealth which was widely seen as a trademark of hackers from the SVR”, Russia’s foreign intelligence agency, the Intelligence committee said in a statement.