In a unified public response to the massive SolarWinds hack, a joint task force of investigative US government agencies, known as the Cyber Unified Coordination Group (UCG), has issued a statement alleging that the hack was “likely Russian in origin”.
The group, composed of the FBI, CISA, and ODNI with support from NSA, said that an Advanced Persistent Threat (APT) actor is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks.
The UCG believes that, of the approximately 18,000 affected public and private sector customers of SolarWinds’ Orion product, a much smaller number have been compromised by follow-on activity on their systems.
The group has so far identified fewer than 10 U.S. government agencies that fall into this category. It is also working to identify the non-government entities that may be impacted.
“This is a serious compromise that will require a sustained and dedicated effort to remediate,” the group added.