- A joint US intelligence task force issued an urgent and initial public reaction to the
Solarwinds hack, alleging that the campaign was likely the work of Russianhackers . - The statement claimed that the hack was "a serious compromise that will require a sustained and dedicated effort to remediate."
- The task force also confirmed that the Treasury, the Departments of State, Homeland Security, Commerce, and Energy were breached in an "intelligence-gathering effort."
- The Cyber Unified Coordination Group was formed by the White House in response to the hack and consists of the FBI, the Office of the Director of National Intelligence, the Cybersecurity and Infrastructure Security Agency, and the National Security Agency.
A joint task force of investigative US government agencies issued a statement Tuesday charging that the massive Solarwinds hack was 'likely Russian in nature.'
The statement, which was also signed onto by the FBI, the Cybersecurity and Infrastructure Security Agency, and the National Security Agency, marked a rare unified, public response to the hack.
Noting that investigations into the hack are still underway, the statement said that "an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks."
The statement added that the hack was likely "an intelligence-gathering effort."
Tuesday's joint statement marked the first cohesive response from the
The statement added that the hack was "a serious compromise that will require a sustained and dedicated effort to remediate," adding that since discovering the hack, private sector and US government employees have worked to contain it.
The joint task force also offered additional clarity on which US agencies were targeted.
The statement alleged that less than ten federal bodies had networks breached, but those agencies included the Treasury, as well as the Departments of State, Homeland Security, Commerce, and Energy.
Russian presidential spokesman Dmitry Peskov, as well as the Russian embassy in the US, have denied orchestrating the attacks. A statement issued on the embassy's Facebook page on December 13 said: "Malicious activities in the information space contradict the principles of the
The hack took place over the course of several months, likely beginning as early as March. Hackers reportedly entered the SolarWinds system - which monitors servers in order to prevent outages - via patch updates made by SolarWinds in March and June.
As hackers put corrupted code into Solarwinds updates, at least 18,000 Solarwinds customers in the public and private sector installed tainted updates, according to US intelligence agencies.
The hack was publicly reported last month after global cybersecurity firm FireEye detected the supply chain attack, alleging that their own networks were also compromised.