Officials have issued warnings of a “grave risk” to the government, critical infrastructure and private businesses after uncovering evidence of a cyber-attack in the United States earlier this week.
A statement released by The US Cybersecurity and Infrastructure Security Agency (Cisa) on Thursday revealed that government agencies, critical infrastructure entities and private sector organisations had been targeted by what it called an “advanced persistent threat actor”, beginning in at least March 2020. The hacker(s) “demonstrated patience, operational security, and complex tradecraft in these intrusions”, but Cisa was unable to identify the attackers.
The US Treasury and commerce departments were among the entities that were attacked, along with the state, defence and homeland security departments. Politico also reported that a nuclear weapons agency was breached during the attack.
Cisa believes that the United States cyber-attacks were perpetrated through software created by a Texas-based IT company, SolarWinds and they will be conducting an investigation into “evidence of additional access vectors, other than the SolarWinds Orion platform”, as reported by BBC.
Many suspect the Russian government is responsible for the hack, but Russia has labelled the accusations as “baseless” and neither Cisa or the FBI have disclosed who they believe is behind the attacks. Private security companies and officials have pointed fingers at Russia through the US media.
In response to this, the Russian Embassy in the United States said that it “does not conduct offensive operations in the cyber domain”.