The foreign office has called Russian ambassador Andrei Kelin to discuss a number of concerns including Cyber intrusions. Russian hackers’ Cyber intrusions, and their interference in democratic processes. Near the Ukrainian border, Russian military forces gathered and also illegally annexed Crimea has raised concerns among the US and UK officials.
The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) have collectively accused the Russian Foreign Intelligence Service (SVR) for the exploitation of five publicly known vulnerabilities in VPN services.
IT management software company SolarWinds exhibit the recent and one of the biggest cybersecurity incidents which resulted in hackers gaining access to the networks of tens of thousands of organizations of the countries around the world, including several US government agencies, as well as cybersecurity companies. It also included FireEye and Mimecast.
The SolarWinds attacks are publicly attributed to Russian Foreign Intelligence Service (SVR) actors by the US. It also faces accusations of the additional campaigns, including malware attacks targeting facilities behind COVID-19 vaccine development.
The Cyber Attackers Targeted Five Vulnerabilities Which Are:
- CVE-3018-13379 Fortinet FortiGate VPN.
- CVE-2019-9670 Synacor Zimbra Collaboration Suite.
- CVE-2019-11510 Pulse Secure Pulse Connect Secure VPN.
- CVE-2019-19781 Citrix Application Delivery Controller Gateway.
- CVE-2020-4006 VMware Workspace ONE Access.
According to the cybersecurity advisory; “NSA, CISA, and FBI strongly encourage all cybersecurity stakeholders to check their networks for indicators of compromise related to all five vulnerabilities and the techniques detailed in the advisory and to urgently implement associated mitigations.”
Joe Biden declared on Thursday that he is imposing sanctions on Russia for interference in the 2020 presidential election. But the main reason is their cyberattack on the American government and corporate networks.
Russia’s foreign intelligence service has been declared the culprit of the SolarWinds cyberattack by the US. This cyber-attack occurred last year in which more than 40 US government organizations were hacked. It also included the federal agencies, and the ones having government contracts. All of them were hacked. The US was not the only victim as countries other than the US like UK, Canada, Spain, Mexico, Israel, Belgium, and UAE also faced this cyber attack.
Foreign Commonwealth and Development Office (FCDO)’s secretary Sir Philip Barton called on the Russian ambassador and declared that the UK too is highly concerned about the malicious activities of Russian cyber intelligence and its state and also that UK supports the US in those sanctions.
He further confronts that the UK also assessed the Russian Intelligence responsible for the SolarWinds. And through their cyberattacks, public sector bodies were targeted which is now being recovered by the government with the help of affected organizations.
He further declared that;- UK will continue to work with our allies to call out and counter malign operations by the Russian Intelligence Services. We see what Russia is doing to undermine our democracies. These activities are threatening and destabilizing. Russia needs to cease its provocations and de-escalate tensions in line with its international obligations.”
According to US Treasury as a result of this unrest behavioral situation, the US has expelled ten Russian embassy staff as part of the executive order, including Russian intelligence members. Thirty-two entities and individuals were also sanctioned for carrying out Russian government-directed attempts to influence the 2020 US presidential elections and other acts of disinformation and interference.