The United States Government on Thursday announced sanctions against 30 Russians, key financial institutions and expulsion of 10 Russian diplomats in response to what it says are cyber-attacks and other hostile acts for interference in last year”s presidential election and the hacking of American federal agencies.
In 2020, cyber-security researchers identified a hack in a piece of software called SolarWinds – which gave cyber-criminals access to 18,000 government and private computer networks. The hackers gained access to digital files of several US government agencies, including the treasury, justice and state departments.
Microsoft president Brad Smith said in February the SolarWinds hack was “the largest and most sophisticated” the world had ever seen.
The sanctions are also meant to impose a penalty over Russia”s continued occupation of Crime, which it infiltrated and annexed from Ukraine seven years ago, and for reportedly offering bounties for attacks against US and coalition military personnel in strife-torn Afghanistan.
In a communication to Congress, President Joe Biden said that he has determined that specified harmful Russian activities — in particular, efforts to undermine the conduct of free and fair democratic elections and democratic institutions in the US and its allies and partners; constitute an unusual and extraordinary threat to the national security, foreign policy, and economy of the US.
Russia has denied any involvement in US elections or on offering the bounties. Moscow has also said that it has nothing to do with the SolarWinds computer attack.
The Biden administration rolled out the sanctions in an executive order in coordination with the State Department and the Treasury Department.
The executive order sends a signal that the US will impose costs in a strategic and economically impactful manner on Russia if it continues or escalates its destabilising international actions, the White House said.
This includes, in particular, efforts to undermine the conduct of free and fair democratic elections and democratic institutions in the United States and its allies and partners; and engage in and facilitate malicious cyber activities against the United States and its allies and partners.
It also includes fostering and use of transnational corruption to influence foreign governments; pursuing extraterritorial activities targeting dissidents or journalists; undermining security in countries and regions important to United States national security; and violating well-established principles of international law, including respect for the territorial integrity of states.
Following the executive order, the Department of Treasury issued a directive that prohibits US financial institutions from participation in the primary market for ruble or non-ruble denominated bonds issued after June 14, 2021 by the Central Bank of the Russian Federation, the National Wealth Fund of the Russian Federation, or the Ministry of Finance of the Russian Federation.
It also prohibits them from and lending ruble or non-ruble denominated funds to the Central Bank of the Russian Federation, the National Wealth Fund of the Russian Federation, or the Ministry of Finance of the Russian Federation. This directive provides authority for the US government to expand sovereign debt sanctions on Russia as appropriate.
Treasury also designated six Russian technology companies that provide support to the Russian Intelligence Services’ cyber programme, ranging from providing expertise to developing tools and infrastructure to facilitating malicious cyber activities.
These companies are being designated for operating in the technology sector of the Russian Federation economy. “We will continue to hold Russia accountable for its malicious cyber activities, such as the SolarWinds incident, by using all available policy and authorities,” the White House said.
The administration is responding to the reports that Russia encouraged the Taliban attacks against US and coalition personnel in Afghanistan based on the best assessments from the Intelligence Community.
The United States announced to expel ten personnel from the Russian diplomatic mission in Washington, DC. The personnel include representatives of Russian intelligence services.
The Biden administration formally named the Russian Foreign Intelligence Service (SVR), also known as APT 29, Cozy Bear, and The Dukes, as the perpetrator of the broad-scope cyber espionage campaign that exploited the SolarWinds Orion platform and other information technology infrastructures. The US Intelligence Community has high confidence in its assessment of attribution to the SVR.
The SVR’s compromise of the SolarWinds software supply chain gave it the ability to spy on or potentially disrupt more than 16,000 computer systems worldwide. The scope of this compromise is a national security and public safety concern.
“Moreover, it places an undue burden on the mostly private sector victims who must bear the unusually high cost of mitigating this incident,” the White House said.
The advisory also provides specific steps that network defenders can take to identify and defend against the SVR’s malicious cyber activity, it said.
According to the White House, the United States continues to strongly affirm the importance of an open, interoperable, secure, and reliable Internet. Russia’s actions run counter to that goal, which is shared by many of our allies and partners. To strengthen collective approach to bolstering cybersecurity, the Biden Administration announced two additional steps.
First, the US is bolstering its efforts to promote a framework of responsible state behaviour in cyberspace and to cooperate with allies and partners to counter malign cyber activities. “Second, we are reinforcing our commitment to collective security in cyberspace…,” the White House said.
The sanctions are coming just two days after President Joe Biden warned President Vladimir Putin that the U.S. would defend its interests. He had also offered the possibility of a summit meeting in the coming months, drawing a cautiously positive response from Moscow.