By the CyberWire staff
US attributes SolarWinds campaign to Russia’s SVR.
The US Administration on Thursday announced a set of measures designed to impose costs on Russian threat actors for election influence operations, for the SolarWinds compromise, and for other cyberespionage incidents. The steps taken include sanctions, diplomatic expulsions, and naming and shaming. The National Security Agency, the Cybersecurity and Infrastructure Security Agency (CISA), and the FBI jointly released a Cybersecurity Advisory attributing the SolarWinds campaign to Russia’s Foreign Intelligence Service (SVR). The SVR is tracked by the industry as APT29 or Cozy Bear.
The White House stated:
“Today the United States is formally naming the Russian Foreign Intelligence Service (SVR), also known as APT 29, Cozy Bear, and The Dukes, as the perpetrator of the broad-scope cyber espionage campaign that exploited the SolarWinds Orion platform and other information technology infrastructures. The U.S. Intelligence Community has high confidence in its assessment of attribution to the SVR.
“The SVR’s compromise of the SolarWinds software supply chain gave it the ability to spy on or potentially disrupt…
