Domain Registration

U.S. Imposes Stiff Sanctions on Russia, Blaming It for Major Hacking Operation

  • April 15, 2021

Inside American intelligence agencies, there have been warnings that the SolarWinds attack — which enabled the S.V.R. to place “back doors” in the computer networks — could give Russia a pathway for malicious activity against government agencies and corporations.

Jake Sullivan, Mr. Biden’s national security adviser, has often said that sanctions alone will not be sufficient. Before he took office, Mr. Biden suggested the United States would respond in kind to the hacking, which seemed to indicate some kind of clandestine response. But it may take weeks or months for any evidence of that to come to light, if it ever does.

The order also designates six Russian companies for providing support to the cyberactivities of the Russian intelligence service.

Administration officials said the actions were also a response to intelligence reports that Russia had paid bounties to encourage Taliban attacks on American troops, adding that they had sent diplomatic messages to Russia expressing concern about the reports. But a senior official said intelligence agencies only had low-to-moderate confidence in their assessment, because it was based in part on information from detainees.

In the SolarWinds breach, Russian government hackers infected network management software used by thousands of government entities and private companies in what officials believe was, at least in its opening stages, an intelligence-gathering mission.

The S.V.R., or the Russian Foreign Intelligence Service, is primarily known for espionage operations. In a statement, the administration said American intelligence agencies had “high confidence in its assessment of attribution” of responsibility to Russia.

The United States also described specific details about the software vulnerabilities that the Russian intelligence agencies used to infiltrate the systems of companies and governments. Most of those have been widely known since FireEye, a private security company, first found evidence of the hacking in December. Until then, the U.S. government had not noticed the actions, largely because the attack was initiated from inside the United States — where, as the Russians know well, American intelligence agencies are prohibited from operating.

Related News