Both Defense Secretary Mike Pompeo and Federal Attorney General William Barr believe that this sophisticated cyberattack was carried out by Russian-backed groups.
Last week, it emerged that the systems of the US Treasury and Commerce Departments had been infiltrated and email traffic seized. This attack, which created a crisis at the top of the US administration, is estimated to have been carried out by groups linked to Russia.
Spread over a wide area
In such attacks, also known as supply chain attacks, attackers infiltrate an update of a company’s software that is widely used by important institutions, and can thereby plant malicious code on the systems of every institution that receives the update.
It was revealed that an update of SolarWinds’ network traffic monitoring software, which is supplied to critical companies such as Microsoft and FireEye and to important institutions such as the Treasury and the Ministry of Commerce, was infiltrated in March, and that the servers of dozens of organizations were accessed as a result. SolarWinds has a total of 18 thousand customers.
Supply chain attacks are hard to spot immediately because the attackers remain passive while the update is sent to customers and installed on their systems. They take action only after a certain period of time.
The defense shield named Einstein, which the USA has implemented with billion-dollar investments in order to detect cyber attacks on critical institutions, is also inadequate against such unknown attacks.
Experts argue that very sophisticated supply chain-style attacks cannot happen without the support of a government such as China or Russia. Trump stated after the attack that it might have come from China.
Defense Minister Pompeo believes the attack originated from Russia. US Attorney General William Barr also thinks that the traces lead to Russia. Russia flatly denied the accusations and called them laughable. Nevertheless, US security units have deepened their investigations into the cyber attacks.
On the other hand, experts argue that US institutions lack the awareness needed to prevent such serious attacks. It is stated that, apart from artificial intelligence-supported scanning software, there are institutions that do not apply any of the 7 radical methods determined for institutions.