White House slaps sanctions on Russian cyber activities while blaming SVR for SolarWinds campaign

Written by

The Biden administration on Thursday imposed sweeping sanctions on Russian intelligence operatives for their alleged interference in the 2020 U.S. election, and on Russian companies for allegedly supporting Moscow’s extensive cyber-espionage operations.

The Treasury Department sanctioned 32 organizations and individuals for their alleged influence operations aimed at the U.S. election. The White House said it was part of an effort to “disrupt the coordinated efforts of Russian officials, proxies, and intelligence agencies to delegitimize our electoral process.”

As part of the crackdown, Treasury sanctioned six Russian tech firms for allegedly providing support to Russian intelligence services’ hacking operations by developing malicious software or setting up IT infrastructure.

U.S. officials also made official what had long been rumored: They believe with “high confidence” that Russia’s foreign intelligence agency, the SVR, carried out the hacking campaign that has exploited software made by contractor SolarWinds and other vendors to infiltrate nine U.S. agencies and 100 private firms. The White House explicitly named a notorious hacking group known as APT29 or Cozy Bear  — one of the spy outfits behind the 2016 hack of the Democratic National Committee — as being responsible for the SolarWinds compromises.

The Biden administration actions against alleged Russian activity come at a tense time in bilateral relations. The U.S. and its European allies have expressed concern over Russia’s buildup of troops near the border of Ukraine, as a conflict between Russian-backed insurgents and the Ukrainian government drags on.

President Joe Biden used a new executive order to authorize the actions, which also included a prohibition on U.S. financial firms participating in the “primary” bond market maintained by Russia’s Central Bank and other Russian institutions after June 14.

The White House also said the U.S. government had expelled 10 people from Russia’s diplomatic mission in Washington, including “representatives of Russian intelligence services.”

While some private-sector analysts have wondered how the alleged SVR operation differs from traditional cyber-espionage, the White House made the case Thursday that the scope of the hacking is a “national security and public safety concern” and that “it places an undue burden on the mostly private sector victims who must bear the unusually high cost of mitigating this incident.”

U.S. officials are weighing whether to take additional action under an executive order to protect the IT supply chain “from further exploitation by  Russia,” the White House said.

Moscow has denied involvement in the so-called SolarWinds campaign.

Also Thursday, U.S. government agencies issued an alert aimed at the private sector, saying that the SVR was exploiting five vulnerabilities to target U.S. companies.

-In this Story-

APT29, Biden administration, Cozy Bear, deterrence, espionage, Joe Biden, Russia, Russian hackers, sanctions, SolarWinds, SVR, White House