Internet security firm FireEye has revealed the enormous SolarWinds hack that left upwards of 250 agencies and businesses unprotected for weeks was launched from inside the US – but that hasn’t stopped them from blaming Moscow.
The mega-hack, which affected 250 networks including US government agencies, went undetected by Washington’s security systems because it originated within the US, FireEye told the New York Times. But while one might expect this revelation to pour cold water on the metastasizing, baseless claims that Russia was responsible for the intrusion, speculation about the country’s role has only increased.
The western media establishment has remained largely silent about the latest development in the SolarWinds saga, perhaps embarrassed to blame a foreign country for one’s own inability to safeguard clients’ data. Indeed, the US agencies supposedly tasked with detecting and preventing such attacks – the National Security Agency, the Department of Homeland Security, and the Pentagon’s Cyber Command – all missed the breach. Instead, it took FireEye, a firm that even the AP admits specializes in pinning American security fails on the Kremlin, to uncover the sprawling security snafu.
FireEye allegedly discovered the vulnerability only after those “state actors” broke into its own network to steal security tools, and the Times acknowledged the company has “a history of lackluster security for its products.” However, the same outlet’s coverage suggests such a breach could only have been accomplished with high-level hacking tools backed by a state.
Even the usual Russia hawks were baffled at why the Kremlin would go through all the trouble of infiltrating stateside servers only to – as far as experts can tell – take nothing and leave the system itself intact. “We still don’t know what Russia’s strategic objectives were,” former DHS official Suzanne Spaulding told the New York Times on Sunday – apparently unwilling to consider the heretical notion that Russia might not be the culprit.
Despite the media’s decision to take the “Russia did it” narrative and run with it, FireEye itself has shied away from explicitly pinning the attack on the Kremlin, instead merely claiming it was a government-backed hack. The Associated Press, however, stepped in to fill the blanks, declaring “industry experts” had said it “bore the hallmarks of Russian tradecraft.”
One of those “experts,” Dmitri Alperovitch, was the CEO of CrowdStrike, which famously accused Russia of hacking the Democratic National Committee and failed presidential candidate Hillary Clinton’s campaign in 2016. Even though the software used to pull off those hacks was widely available and the firm itself could only muster “low to medium” confidence regarding a supposed link to the Russian government, that didn’t stop the company from presenting its conclusions as if set in stone. CrowdStrike claimed last week that it was also targeted for hacking by the latest group of “Russians,” but said that unlike FireEye, it had withstood the infiltration attempt.