SolarWinds: Russian intelligence behind major cyber attack, Raab reveals as US expels diplomats

‘We see what Russia is doing to undermine our democracies’, foreign minister says

Vincent Wood@wood_vincent
Thursday 15 April 2021 23:31

Russian intelligence was behind a major cyber attack that effected more than 100 major US firms as well as branches of the US government, the UK foreign office has revealed.

In a statement the Foreign Commonwealth and Development Office (FCDO) said British Intelligence had assessed that it was “highly likely” Moscow was behind the SolarWinds hack, which saw hackers infiltrate government agencies and corporate secrets of the likes of Microsoft in early 2020.

The Russian ambassador was summoned to the FCDO to be told the UK will continue to work with allies to “call out and counter malign operations” undertaken by Russian intelligence.

The action coincides with a raft of new sanctions from Washington against Russian interests as well as the expulsion of 10 diplomats over the Kremlin’s targeting of federal agencies and attempts to interfere in the 2020 US presidential election.

Foreign secretary Dominic Raab said: “We see what Russia is doing to undermine our democracies.  The UK and US are calling out Russia’s malicious behaviour, to enable our international partners and businesses at home to better defend and prepare themselves against this kind of action.

“The UK will continue to work with allies to call out Russia’s malign behaviour where we see it.”

The Russian Ambassador was addressed by Sir Philip Barton, who stressed the UK’s support for the US action, “set out the UK assessment that the Russian Intelligence Services were behind the SolarWinds compromise,” a Foreign Office spokesman said.

He added: “He informed the ambassador that the UK will continue to work with our allies to call out and counter malign operations by the Russian intelligence services.

“Sir Philip also stated the UK’s concern at the build up of Russian military forces near the Ukrainian border and illegally annexed Crimea.

“These activities are threatening and destabilising. Russia needs to cease its provocations and de-escalate tensions in line with its international obligations.”

The compromise, uncovered in December last year, saw hackers target SolarWinds, an IT services firm, in what is believed to be one of the most serious cyber espionage attacks to have faced the US.

Russian hackers are believed to have infected its widely used Orion software with a malicious code enabling them to access the systems of at least nine US agencies and 18,000 organisations worldwide, including Nato and the European Parliament.

The impact of the hack in the UK was assessed to be “low”, according to the findings of the National Cyber Security Centre (NCSC) shared by the FCDO, with a “low single digit number” of public sector bodies having been targeted.

The department added government had been working with the affected organisations to ensure they were “rapidly mitigated”.

The NCSC assessed that the attack had been carried out by a hacking collective known as Cozy Bear or The Dukes, with the FCDO saying they had links to Russia’s Foreign Intelligence Service (SVR).

In addition to the expulsion of the diplomats, the US administration said it was imposing sanctions on six Russian companies which supported Moscow’s cyber activities and 32 individuals and entities accused of attempting to interfere in last year’s presidential election.

A further eight people and entities linked to Russia’s occupation of Crimea also face sanctions.

US secretary of state Antony Blinken said: “These actions are intended to hold Russia to account for its reckless actions. We will act firmly in response to Russian actions that cause harm to us or our allies and partners.”

In response, Russian Foreign Ministry spokeswoman Maria Zakharova warned that America’s “aggressive behaviour” would “undoubtedly trigger a resolute retaliation”.

“Washington should realise that it will have to pay a price for the degradation of the bilateral ties,” she said. “The responsibility for that will fully lie with the United States.”

She said the foreign ministry had summoned the US ambassador for a “hard conversation” but gave no further details of what actions would follow.

Additional reporting by PA

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

View comments