Skip navigation
Menu
(L-R) White House Press Secretary Jen Psaki looks on as Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger speaks during the daily press briefing at the White House on February 17, 2021 in Washington, DC. Neuberger said. Drew Angerer/Getty Images
(L-R) White House Press Secretary Jen Psaki looks on as Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger speaks during the daily press briefing at the White House on February 17, 2021 in Washington, DC. Neuberger told reporters that 9 federal agencies and around 100 companies were impacted by the SolarWinds breach.
Manage>Security

Suspected Russian Hackers Used US Networks, Official Says

A White House official said the SolarWinds breach was executed from within the US.

Alyza Sebenius and Jenny Leonard (Bloomberg) -- A sprawling cyber-attack that compromised popular software created by Texas-based SolarWinds Corp. was executed from within the U.S., a top White House official said, though the government believes Russia was responsible.

The federal investigation of the hack will take several months, Deputy National Security Advisor Anne Neuberger said in a briefing for reporters on Wednesday.

Related: The SolarWinds Breach Is Shaking Up Incident Response

“As of today, nine federal agencies and about 100 private-sector companies were compromised,” Neuberger said. She didn’t identify them and said the government hasn’t ruled out the possibility of further victims.

She said the government believes it’s still at the “beginning stages” of understanding the scope and scale of the attack, which was publicly disclosed in December but was likely executed months earlier. “The hackers launched the hack from inside the United States which further made it difficult for the U.S. government to observe their activity,” she said.

Related: What Data Center IT Security Pros Must Know About the SolarWinds Vulnerability

Neuberger is leading the U.S. response to the SolarWinds attack. The Texas-based company’s software is used by several government agencies and Fortune 500 companies.

As many as 18,000 SolarWinds’s customers received malicious code through updates to the software, though far fewer are believed to have been targeted for further intrusions by the hackers. The targets included the federal departments of State, Treasury, Homeland Security, Commerce and Energy, including its nuclear weapons agency. The hackers used other methods to infiltrate networks besides SolarWinds, U.S. officials have said.

“Many of the private sector compromises are technology companies, including networks of companies whose products could be used to launch additional intrusions,” Neuberger said.

President Joe Biden said in a Feb. 4 speech at the State Department that the U.S. has “elevated the status of cyber issues within our government.”

The U.S. “will not hesitate to raise the cost on Russia” for the Kremlin’s aggressive behavior, including cyber-attacks, Biden said in the address.

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
server rack cluster in a data center in blue light
Securing Edge Data Centers: Challenges and Solutions
Apr 18, 2024
Pumping system for cooling a data center
Why Liquid Cooling Systems Threaten Data Center Security
Apr 11, 2024
Electronic security lock on sever rack in data center.
Cabinet-Level Controls: The Final Layer of Physical Data Center Security
Apr 10, 2024
US, UK Form Historic Alliance on AI Safety, Testing
US, UK Form Historic Alliance on AI Safety, Testing
Apr 03, 2024