Biden to unveil Russia sanctions over SolarWinds hack and election meddling

Package of sanctions expel 10 officials and follows massive US government cybersecurity breach

SolarWinds building The US has said the hack that affected government software made by SolarWinds was likely orchestrated by Russia. Photograph: Sergio Flores/ReutersThe US has said the hack that affected government software made by SolarWinds was likely orchestrated by Russia. Photograph: Sergio Flores/Reuters

in Moscow

The US is set to announce new sanctions against Russia as soon as Thursday in retaliation for Moscow’s interference in elections, alleged bounties on US soldiers in Afghanistan, and cyber-espionage campaigns such as the SolarWinds hack, according to reports in US and international media.

Ten Russian diplomatic officials are to be expelled from the US and up to 30 entities will be blacklisted, officials said, in the largest round of sanctions action against Russia of Joe Biden’s presidency.

Additionally, the White House may issue an executive order barring US financial institutions from buying rouble bonds issued by Moscow, targeting Russia’s sovereign debt and its broader economy. That could begin as soon as June, according to some reports.


What was the SolarWinds hack?


In early 2020, malicious code was sneaked into updates to a popular piece of software called Orion, made in the US by the company SolarWinds, which monitors the computer networks of businesses and governments for outages.

That malware gave hackers remote access to an organisation’s networks so they could steal information. Among the most high-profile users of the software were US government departments including the Centers for Disease Control and Prevention, the state department, and the justice department.

Described by the Microsoft president, Brad Smith, as “the largest and most sophisticated attack the world has ever seen”, US intelligence agencies have accused Russia of launching the attack.

SolarWinds, of Austin, Texas, provides network monitoring and other technical services to hundreds of thousands of organisations around the world, including most Fortune 500 companies and government agencies in North America, Europe, Asia and the Middle East.

Its compromised product, Orion, is a centralised monitoring tool that looks for problems in an organisation’s computer network, which means that breaking in gave the attackers a “God view” of those networks.

Neither SolarWinds nor US cybersecurity authorities have publicly identified which organisations were breached. Just because a company or agency uses SolarWinds as a vendor does not necessarily mean it was vulnerable to the hack.

Kari Paul and Martin Belam

Was this helpful?Thank you for your feedback.

Unnamed officials told the New York Times that the new sanctions were meant to cut deeper than previous attempts to punish Moscow for its attacks on US institutions and allies. Some Russian officials have laughed off being added to the Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctions lists, comparing it to being elevated to an elite club. The threat of the ban on buying Russian debt has already depressed prices on the rouble and rouble-denominated OFZ treasury bonds.

A Kremlin spokesperson has condemned the expected sanctions as “illegal” and suggested that Moscow will retaliate.

The sanctions will add tension to an already strained relationship between Russia and the US. Since last month, Moscow has been engaged in the largest troop buildup on its border with Ukraine since the 2014 annexation of Crimea, provoking fears of an invasion.

Biden called Vladimir Putin on Tuesday to urge him to de-escalate tensions with Ukraine and proposed a summit in a third country. The Kremlin gave a frosty account of the phone call, and did not say whether Putin had agreed to the meeting.

SolarWinds hack was work of 'at least 1,000 engineers', tech executives tell Senate

Earlier this year, Biden agreed with a reporter when asked if Putin was “a killer”. Those remarks were replayed widely on Russian television. Putin responded by wryly wishing Biden “good health”, which was seen as a nod to Biden’s age.

The US president’s tough approach differs considerably from that of the Trump administration, which largely sought to avoid confronting Russia over a CIA assessment that Moscow had offered and paid bounties for foreign fighters to kill US troops in Afghanistan. Trump said he doubted the evidence behind the reports, calling it a “hoax”.

He similarly sided with Putin over an FBI assessment that Russia had interfered in the 2016 elections during a summit in Helsinki two years later.

The planned sanctions are said to be retaliation for Russian interference in the 2020 elections, in which US intelligence agencies concluded that the Kremlin had backed Trump over Biden.

Sign up for the Guardian's First Thing newsletter

The sanctions would also be a response to a sophisticated cybersecurity breach of SolarWinds Corp that affected software used by US government agencies. The US has blamed Russia for the attack.

The Kremlin spokesperson Dmitri Peskov said Russia would retaliate against the new sanctions. “The principle of reciprocity applies … to best ensure our own interests.”

He declined to say whether Putin and Biden had discussed the sanctions during their phone call this week. He also said the summit between the two leaders would not take place in the next several weeks.

The Biden administration announced sanctions last month over the poisoning and imprisonment of the opposition politician Alexei Navalny. The sanctions included visa restrictions, export restrictions on items that could be used to make chemical and biological weapons, and targeted action against seven senior members of the Russian government.

The measures also entailed an expansion of sanctions under the Chemical and Biological Weapons Control and Warfare Elimination Act.


Leave A Reply

Your email address will not be published.