SolarWinds hack: Russian denial 'unconvincing'

Published
image captionRussia's Foreign Intelligence Service (SVR) director Sergei Naryshkin speaks to BBC Moscow correspondent Steve Rosenberg

Russia's denial of involvement in the SolarWinds hack is "unconvincing", the former head of GCHQ's National Cyber Security Centre has said.

Russia’s Foreign Intelligence Service (SVR) director Sergei Naryshkin had said he was “flattered” by the accusations from the UK and US but denied involvement.

The hack is considered the largest and most sophisticated cyber-attack so far.

GCHQ said it was "highly likely" the SVR was responsible.

'Compelling evidence'

And Prof Ciaran Martin said there was evidence the tactics, techniques and tools used by the hackers matched "many years of SVR activity".

“There is compelling evidence pointing to Russia,” he told BBC Radio 4’s Today programme.

“The targets they carefully selected and exploited… were mostly high value, high prestige, strategically important American targets.

“So if it was America doing it to itself, why?

"And why were there so many willing participants in such a pointless act of deception?

"It doesn't make any sense.”

Malicious software

The cyber-attack was discovered in December but had been in operation for months before.

Hackers used US company SolarWinds’ Orion platform to target US government departments, about 100 private companies and small numbers of UK organisations. But nearly 18,000 customers had installed the malicious software.

media captionRussia's spy chief Sergei Naryshkin gives BBC News a rare interview about the SolarWinds cyber-attack

Asked if the SVR had been responsible, Mr Naryshkin said he could not "claim the creative achievements of others as his own".

"These claims are like a bad detective novel," he told BBC Moscow correspondent Steve Rosenberg.

Mr Naryshkin then quoted from documents leaked by former National Security Agency contractor Edward Snowden to suggest the tactics of the attack were similar to those used by US and British intelligence agencies.

“I don’t want to assert that this cyber-attack was carried out by a US agency - but the tactics are similar,” he said.

And accusations Russia was involved in cyber-attacks, poisonings, hacks, or meddling in elections were “absurd” and “pathetic”.

Russia’s spy chief also revealed contact had been re-established with the head of Britain's secret intelligence service MI6, adding he hoped for a face-to-face meeting soon.

Countries hack each other all the time - for information, influence and intimidation.

Most cyber-campaigns go unreported, with wins and losses chalked up on secret boards by rival intelligence agencies.

But SolarWinds was different.

Not only was it a big loss for the US, it also broke out of top-secret circles.

The consensus in the cyber-security world is the hack falls squarely in the "fair game" category of cyber-spying.

But the disruption and embarrassment it caused is unprecedented.

Some of the biggest technology companies and cyber-defenders in the world were breached and high levels of US government accessed.

We will never know what secrets the hackers were able to steal or how deep they delved.

What we do know from this interview is the cyber-attack followed a familiar pattern - the West accuses Russia of the hack, Russia laughs it off and organisations spend millions more on their cyber-security defences, hoping it will never happen again.

More on this story