www.gao.gov
Russian SVR Exploits SolarWinds and Other Vulnerabilities Against U.S. Networks
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
The Russian Foreign Intelligence Service (SVR) has been exploiting multiple vulnerabilities, including the SolarWinds breach, to compromise U.S. and allied networks. The SolarWinds attack, which began in September 2019, involved the insertion of trojanized code into software updates, affecting nearly 18,000 customers, including federal agencies. The SVR has also targeted COVID-19 research facilities and exploited other vulnerabilities such as those in VMware products. The NSA, CISA, and FBI have issued advisories to mitigate these threats and encourage network defenders to check for indicators of compromise. The ongoing exploitation of these vulnerabilities poses a significant risk to national security and critical infrastructure.
Key Points: • The SolarWinds breach affected approximately 18,000 customers, including federal agencies. • SVR is exploiting multiple known vulnerabilities, including those in VMware products. • U.S. agencies have issued advisories urging immediate action to mitigate these threats.