The SolarWinds hackers reportedly got their hands on information about counterintelligence investigations, the US’ policy on sanctioning Russian individuals and its response to COVID-19.
The campaign was widely publicized when it was eventually outed late last year. The US government pins the attack on Russia’s SVR foreign intelligence service, which denies any involvement in the campaign.
Despite months of investigation, which has identified several targets, including SolarWinds and Microsoft, there has been virtually no revelations about the intentions of the attackers.
- These are the best endpoint protection tools
- Also take a look at the best firewall apps and services
- Here’s our choice of the best malware removal software on the market
However, anonymous sources have now told Reuters that the attackers were hoping to gather intelligence on the US government’s decision-making policy.
Intelligence loss
Microsoft recently revealed Russia as a leading proponent for conducting cyber crimes using state-sponsored actors.
In their annual Digital Defense Report, Microsoft shared that the SolarWinds attackers were digging for government material on sanctions and other Russia-related policies, along with information about the methods the country employs to catch Russian hackers.
Anonymous sources involved in the US government’s investigation into the matter revealed that they could see the terms that the attackers used as they combed through the US government files, and one of the keywords searched was “sanctions.”
Speaking to Reuters, Chris Krebs, former head of US’ Cybersecurity and Infrastructure Security Agency (CISA) and now an adviser to various companies including SolarWinds, said the combined descriptions of the attackers’ goals sounds logical.
During the SolarWinds campaign the attackers managed to breach about nine federal agencies, read emails of various government departments, made away with confidential source code from Microsoft, and other companies, and more.
Despite all this, one of the people involved in the investigation went as far as to tell Reuters that the exposure of counter-intelligence matters being pursued against Russia, was the worst of the losses.
Source: techradar