US President Donald Trump has partly shifted the blame to the Chinese government over one of the massive hacking in the SolarWinds company.
In most of the initial reports, the US department always named ‘Russian’ hackers as the possible suspects for the breach. However, in the recent report from Associated Press and Business Insider, the President has now turned eyes against China.
Who to blame?
SolarWinds, one of the largest software provider in the world, was hacked using their own computer network tool, Orion.
According to investigation, 18,000 of its 300,000 customers might have been affected with the breach.
One of these agencies involved US Treasury and Commerce Department. Though a lot of other government agencies were rumored to be affected with the breach, there were no reports confirming hackers have stolen personal information from the private companies and government agencies.
Interestingly, as the investigation deepens, federal government has also joined the inquiries. On Saturday, Dec. 19, US Secretary of State Mike Pompeo controversially blamed Russia for the incident.
“We can say pretty clearly that it was the Russians that engaged in this activity,” says Pompeo on Friday.
Just like Pompeo, a lot of other investigations also named ‘Russian hackers’ for the said crime. They called the term APT29, or Cozy Bear.
How SolarWinds was hacked?
Unfortunately, this blame was not supported by cybersecurity firm, FireEye. They told reports that there were still no sufficient evidence to blame Russian hackers for this cyber attack.
Instead, they’ve given it a code called UNC2452.
Just like how SolarWinds hackers used Orion, they also used Duo on this attack.
“The logs from the Duo authentication server further showed that no attempts had been made to log into the account in question,” said the cybersecurity firm. “Volexity was able to confirm that session hijacking was not involved and, through a memory dump of the OWA server, could also confirm that the attacker had presented cookie tied to a Duo MFA session named duo-sid.”
China as suspect?
Surprisingly, US President Donald Trump has also joined the suspect-blaming for the attack. In its official Twitter account, he hinted that everyone should not easily shift the blame to Russia, since it was still not confirmed yet.
Rather than naming Russia, he somehow took the attention to Chinese government, in which he said that could’ve possibly done the attack. Highlighting the word of “may.”
“I have been fully briefed and everything is well under control. Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!).”
White House cancels Russian blaming statement
In an unknown reason, Associated Press reported that White House has decided to cancel the statement saying Russian hackers did the attack.
It was mentioned by the Business Insider that the White House was told to ‘stand down’ on the release of statement.
White House nor President Trump have not yet said anything about the issue.