US Sanctions Russia and Expels 10 Diplomats Over SolarWinds Cyberattack
Apr 15 2021
To that effect, the U.S. Department of the Treasury has imposed sweeping sanctions against Russia for "undermining the conduct of free and fair elections and democratic institutions" in the U.S. and for its role in facilitating the sprawling SolarWinds hack, while also barring six technology companies in the country that provide support to the cyber program run by Russian Intelligence Services.
The White House said the sanctions likewise respond to "malicious cyber activities against the United States and its allies and partners", referring to the massive so-called SolarWinds hack of U.S. government computer systems a year ago.
Russia's foreign ministry spokeswoman Maria Zakharova in a televised briefing said Ambassador John Sullivan had been summoned for a "difficult conversation".
The breach exposed vulnerabilities in the supply chain as well as weaknesses in the federal government's own cyber defences.
The SVR actor is also known by other names such as APT29, Cozy Bear, and The Dukes, with the threat group being tracked under different monikers, including UNC2452 (FireEye), SolarStorm (Palo Alto Unit 42), StellarParticle (CrowdStrike), Dark Halo (Volexity), and Nobelium (Microsoft).
The U.S. also sanctioned "16 entities and 16 individuals who attempted to influence the 2020 U.S. presidential election at the direction of the leadership of the Russian Government", according to the U.S. Treasury Department.
They come amid an already tense relationship between the US and Russia, with US President Joe Biden telling Russian President Vladimir Putin this week that the US would "act firmly in defence of its national interests" regarding Russian intrusions and election interference.
"The SolarWinds incident ... has had all the trappings of traditional espionage that, while unfortunate, has not historically been outside the bounds of responsible state behavior", Rep. Jim Langevin, D-R.I., said while calling on the Biden administration to "fully explain the contours of [its] new policy that seems to focus on Russia's reckless history of attacks like NotPetya and the enormous cleanup costs associated with SolarWinds".
US President Joe Biden's White House issued an executive order on Wednesday morning declaring a national emergency and expanding sanctions in response to Russian cyberattacks. The US for the first time explicitly linked that intrusion to a Russian intelligence service.
"The scope of this compromise is a national security and public safety concern", the White House said.
Secretary of State Antony Blinken said in a statement that the sanctions would "serve to reduce Russian resources available to carry out similar malign activities".
"When he spoke to him this week", Sullivan told reporters, "he said, 'I told you that I was going to look into this, I made a determination that Russian Federation has, in fact, conducted these actions, and I'm a man of my word, I am ready to respond, but I'm not looking to escalate".
The series of US statements on Russian cyber-operations had other revelations: The Treasury Department formally linked Russia's FSB intelligence agency with a ransomware gang known as EvilCorp. The White House announced that summit proposal earlier this week. "Responsibility for what is happening lies entirely on the U.S".