Signage outside SolarWinds Corp. headquarters in Austin, Texas on Tuesday, Dec. 22, 2020.
Bronte Wittpenn | Bloomberg | Getty Images
Russians were likely behind the SolarWinds hack that breached U.S. government networks, according to a joint statement issued by several U.S. agencies on Tuesday.
Until now, the breach appeared to have been Russian, according to Reuters which first reported on it in December, but this is the first time the government has publicly supported that. President Trump on Dec. 19 said he had been briefed on the hack but suggested he did not believe it was Russia and that it “may be China.”
“This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks,” the joint statement says. It adds that it believes Russia’s attack was in an effort to gather intelligence.
The joint statement was issued by the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, the Office of the Director of National Intelligence and the National Security Agency.
Other people have suggested Russia was behind the attack. In December, former Trump Homeland Security Advisor Thomas Bossert said in a piece for the New York Times that the Russians were likely inside sensitive government networks for six to nine months.
Reuters said last month that hackers gained access to the U.S. Commerce and Treasury departments through SolarWinds software. The New York Times added that the Department of Homeland Security, the State Department and parts of the Pentagon were also breached. Microsoft said it was also a victim of the attacks and that hackers accessed some of its source code.
SolarWinds, based in Austin, Texas, offers a variety of tools organizations can use to manage their software. Competitors include BMC, CA, Cisco and IBM. The company has over 300,000 customers, and the U.S. government is a notable part of its customer base.