The news of US sanctions on Russia has made headlines around the world with President Biden’s remarks on Russia firmly attributing the extensive “SolarWinds” hack on the US Government to Russia. Cyber security is fast becoming a top priority for world leaders and these latest actions from the US show the international remit of operations at play.
The scale of the SolarWinds attack referenced by President Biden is unprecedented with 18,000 companies thought to be affected including significant portions of the US Government. Recently described by Microsoft’s President as being ‘the largest and most sophisticated attack the world has ever seen’ the attack demonstrates a capability and scale of operation not seen publicly before. While President Biden has attributed the attack to the Russian Foreign Intelligence Service (the SVR), Russia has denied responsibility.
Proving attribution of cyber-attacks can often be problematic in ‘nation-state’ scale scenarios; their technical sophistication combined with the length of time engagements persist prior to detection makes confident attributions virtually impossible and also increases the chance of misattribution. It’s estimated that nine months had elapsed before the attack was uncovered providing ample time for data loss, and full network compromise.