Business

FBI, CIA, and NSA: Russia was likely behind major SolarWinds hack

Our mission to make business better is fueled by readers like you. To enjoy unlimited access to our journalism, subscribe today.

Russia is likely to be behind the major SolarWinds cyberattack that has compromised multiple federal agencies and businesses, according to the Federal Bureau of Investigation, Central Intelligence Agency, and National Security Agency.

The federal agencies, working as part of the Cyber Unified Coordination Group task force, said Tuesday that an unspecified Russian entity “is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks.”

The group said that fewer than 10 U.S. government agencies and an unspecified number of companies were affected by the cyberattack, which analysts have described as one of the most catastrophic cybersecurity incidents in recent history.

“This is a serious compromise that will require a sustained and dedicated effort to remediate,” the Cyber Unified Coordination Group said in a statement.

Several cybersecurity experts have previously indicated that Russia was behind the attacks, which the Kremlin has denied. Secretary of State Mike Pompeo said in December that Russia was “pretty clearly” involved with the hack.

However, President Donald Trump has previously minimized Russia’s alleged role, and instead pointed to China as a possible suspect and accused the media of overemphasizing the Kremlin.

“The Cyber Hack is far greater in the Fake News Media than in actuality,” President Trump said in December on Twitter. “I have been fully briefed and everything is well under control.”

However, the Cyber Unified Coordination Group, created on behalf of President Trump as part of the National Security Council, described the SolarWinds hack as far more serious than Trump has let on. 

“At this time, we believe this was, and continues to be, an intelligence gathering effort,” the group said in a statement. “We are taking all necessary steps to understand the full scope of this campaign and respond accordingly.”

Russian hackers were believed to have installed a so-called backdoor vulnerability in one of SolarWinds’s most popular products called Orion, which is used by firms to manage their IT infrastructure. The hack, which was disclosed in December, went undetected for months. 

More must-read tech coverage from Fortune: