Skip to main content

Russia is expecting payback cyberattacks following SolarWinds hack

(Image credit:

A Russian government agency has warned domestic businesses to safeguard against retaliatory cyberattacks in response to the recent SolarWinds breach.

The country’s National Coordination Center for Computer Incidents (NKTsKI) provided advice to organizations regarding ways they could improve their cyber defenses.

"In the face of constant accusations of involvement in organizing computer attacks against the Russian Federation by representatives of the United States and their allies, as well as threats of "retaliatory" attacks on critical information infrastructure facilities of the Russian Federation, we recommend [organizations] take the following measures to improve the security of information resource," the NKTsKI's ALRT-20210121.1 security warning read.

Among the security measures suggested, the NKTsKI advises that businesses remind employees about possible phishing attempts, conduct an audit of their network information security, use multi-factor authentication, and monitor systems with increased vigilance.

Payback time

The SolarWinds breach has had a huge impact on organizations based all over the world, with information continuing to come to light regarding the total damage caused. As well as a host of US government agencies, the breach has reportedly affected numerous private corporate networks.

Security vendors have also not been spared. Microsoft, FireEye, CrowdStrike, and Malwarebytes have all reported being targeted by the hackers responsible for the SolarWinds breach.

Reports indicate that the SolarWinds hack is likely to have been instigated by state-sponsored actors, with most fingers pointing squarely in Russia’s direction. 

Although Russia has denied such claims, the fact that domestic businesses are being advised to safeguard against retaliatory attacks, suggests that there is some evidence supporting the accusations. 

While the fallout from the SolarWinds breach will surely continue, it is unlikely that the US will disclose information regarding any payback attacks, should they occur.

Via Bleeping Computer