U.S. Imposes Stiff Sanctions on Russia, Blaming It for Major Hacking Operation – The New York Times

Inside American intelligence agencies, there have been warnings that the SolarWinds attack — which enabled the SVR to place “back doors” in the computer networks — could give Russia a pathway for malicious activity against government agencies and corporations.

Jake Sullivan, Mr. Biden’s national security adviser, has often said that sanctions alone will not be sufficient, and said there would be “seen and unseen” actions against Russia. Mr. Biden, before his inauguration, suggested the United States would respond in kind to the hack, which seemed to suggest some kind of clandestine cyberresponse. But it may take weeks or months for any evidence of that activity to come to light, if it ever does.

The order also designates six Russian companies for providing support to the cyber-activities of the Russian intelligence service.

The actions taken Thursday were in response to the SolarWinds attack and election interference. In addition, administration officials said they had sent diplomatic messages to Russia expressing concern about intelligence reports that Russia had paid bounties to encourage Taliban attacks on American troops. But a senior official said intelligence agencies only had low-to-moderate confidence in their assessment, because it was based in part on information from detainees.

In the SolarWinds breach, Russian government hackers infected network-management software used by thousands of government entities and private firms in what officials believe was, at least in its opening stages, an intelligence-gathering mission.

The SVR, also known as the Russian Foreign Intelligence Service, is primarily known for espionage operations. The statement said American intelligence agencies have “high confidence in its assessment of attribution” of responsibility to Russia.

In an advisory, the United States described for private companies specific details about the software vulnerabilities that the Russian intelligence agencies used to hack into the systems of companies and governments. Most of those have been widely known since FireEye, a private security firm, first found evidence of the hack in December. Until FireEye’s discovery, the actions had been entirely missed by the U.S. government, largely because the attack was launched from inside the United States — where, as the Russians know well, American intelligence agencies are prohibited from operating.