AST – A Russian IT security firm with clients that include the Russian Ministry of Defense, SVR, and FSB, meant to provide technical support to cyber operations conducted by the FSB, GRU, and SVR.

Neobit – A Russia-based IT security firm with clients that include the Russian Ministry of Defense, SVR, and Russia’s Federal Security Service (FSB).
US companies and financial institutions will no longer be able to do business with the sanctioned companies unless they first apply for and receive a special license from the Office of Foreign Assets Control. President Biden issued an executive order today on blocking property with respect to harmful activities of the government of the Russian Federation, and following this, the Treasury Department issued several sanctions against a few Russian technology companies for the role they played in the SolarWinds incident.

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) are warning about the top five vulnerabilities the SVR is exploiting in attacks against U.S. interests, in an attempt to make sure that organizations take the necessary steps to identify and defend against malicious activity conducted by the SVR.

The SVR had access to more than 16,000 computers across the world, but it targeted only a select few, such as companies involved in the cybersecurity sector (FireEye, Malwarebytes, Mimecast) and state and federal agencies in the U.S. The scope of this compromise is a national security and public safety concern. Moreover, it places an undue burden on the mostly private sector victims who must bear the unusually high cost of mitigating this incident.
The U.S. Intelligence Community has high confidence in its assessment of attribution to the SVR. Today the United States is formally naming the Russian Foreign Intelligence Service (SVR), also known as APT 29, Cozy Bear, and The Dukes, as the perpetrator of the broad-scope cyber espionage campaign that exploited the SolarWinds Orion platform and other information technology infrastructures. The press release supports what media reports previously said, that the Russian Foreign Intelligence Service was behind the SolarWinds hack, with the White House officially putting the blame on the SVR for carrying out “the broad-scope cyber-espionage campaign” through its hacking division, commonly referred to as APT29, The Dukes, or Cozy Bear.
The White House declared that the Cozy Bear group of advanced hackers was the author of the cyber espionage activity exploiting the SolarWinds Orion platform. The United States government is formally accusing the Russian government of the SolarWinds supply-chain attack that provided hackers with access to as many as 18,000 government entities and Fortune 500 companies; at least nine federal agencies and more than 100 companies were exposed to the breach.