Cyber - A man uses the illuminated keyboard of a laptop 260716 CREDIT PA
Cyber

UK And US Call Out Russia's 'Malicious Behaviour'

The National Cyber Security Centre said it is highly likely Russia gained unauthorised access to SolarWinds.

Cyber - A man uses the illuminated keyboard of a laptop 260716 CREDIT PA

The United Kingdom and the United States are calling out Russia's "malicious behaviour", the Foreign Office has said.

Britain has accused Russia's Foreign Intelligence Service (SVR) of responsibility for a major cyber attack affecting thousands of organisations in the West.

The Foreign, Commonwealth and Development Office (FCDO) said it had been assessed that it was "highly likely" that the SVR was behind the so-called SolarWinds hack.

The Foreign Secretary said: "We see what Russia is doing to undermine our democracies."

Dominic Raab added that the UK will "continue to work with allies to call out Russia's malign behaviour".

Russia's ambassador Andrei Kelin was summoned to the Foreign Office to be told the UK will continue to work with allies "to call out and counter malign operations" by Moscow's spies.

The compromise of the SolarWinds IT services firm, which was discovered last December, is thought to represent one of the most serious cyber espionage attacks suffered by the US.

The compromise of SolarWinds is thought to represent one of the most serious cyber espionage attacks suffered by the US (Picture: MOD).

Russian hackers are believed to have infected its widely used Orion software with a malicious code enabling them to access the systems of at least nine US agencies and 18,000 organisations worldwide, including NATO and the European Parliament.

The FCDO said the impact in the UK had been assessed by the National Cyber Security Centre (NCSC) – part of GCHQ – as "low" with a "low single-digit number" of public sector bodies having been targeted.

It said the Government had been working with the affected organisations to ensure they were "rapidly mitigated".

According to the NCSC assessment, the attack was carried out by a group of hackers known as Cozy Bear or The Dukes, which the FCDO said were linked to the SVR.

It also said that it was part of a "wider pattern of cyber intrusions" by the Russian spy agency dating back at least a decade.

The announcement came as the Biden administration announced it was expelling 10 Russian diplomats in response to the Kremlin's targeting of federal agencies and attempts to interfere in last year's presidential election.

Cover image: PA.