As reported by engadget,
Unfortunately, it has taken 3 weeks after discovering an intrusion this significant for this Administration to issue a tentative attribution. I hope we’ll begin to see a public declaration of U.S. policy towards indiscriminate supply chain infiltrations like this in the future.
— Mark Warner (@MarkWarner) January 5, 2021
Officials believe that around 18,000 “public and private sector customers” of SolarWinds’ products have been affected in the hack. They added that a “much smaller number” were then subject to “follow-on activity” in their systems, which includes “fewer than” 10 government agencies. The multi-agency group says that is working to investigate and help where it can, with the FBI working to identify victims and the hackers. CISA, meanwhile, will offer a tool to help victims detect malicious activity stemming from the hack.
SolarWinds is a network monitoring company with a product called Orion, which hackers managed to breach at some point in March. The list of companies and government bodies that used Orion, however, included names like the US Nuclear Security Administration, Department of Energy, security company CrowdStrike, not to mention Microsoft. One of the reasons the attack was so wide-spread was due to the failure of several early-warning systems.
In the statement, the agencies say that picking through the remains of this hack will require a “sustained and dedicated effort to remediate.”