Tech firms say there's little doubt Russia behind major hack

Full Screen
1 / 5

2021 Getty Images

FireEye CEO Kevin Mandia, SolarWinds CEO Sudhakar Ramakrishna and Microsoft President Brad Smith testify during a Senate Intelligence Committee hearing on Capitol Hill on Tuesday, Feb. 23, 2021 in Washington. (Drew Angerer/Photo via AP)

WASHINGTON – Leading technology companies said Tuesday that a monthslong breach of corporate and government networks was so sophisticated, focused and labor-intensive that a nation had to be behind it, with all the evidence pointing to Russia.

In the first congressional hearing on the breach, representatives of technology companies involved in the response described a hack of almost breathtaking precision, ambition and scope. The perpetrators stealthily scooped up specific emails and documents on a target list from the U.S. and other countries.

“We haven’t seen this kind of sophistication matched with this kind of scale,” Microsoft President Brad Smith told the Senate Intelligence Committee.

Smith said investigators estimate at least 1,000 highly skilled engineers would have been required to develop the code that hijacked widely used network software from Texas-based SolarWinds to deploy malware around the world through a security update.

“We’ve seen substantial evidence that points to the Russian foreign intelligence agency, and we have found no evidence that leads us anywhere else," Smith said.

U.S. national security officials have also said Russia was likely responsible for the breach, and President Joe Biden's administration is weighing punitive measures against Russia for the hack as well as other activities. Moscow has denied responsibility for the breach.

Officials have said the motive for the hack, which was discovered by private security company FireEye in December, appeared to be to gather intelligence. On what, they haven't said.

At least nine government agencies and 100 private companies were breached, but what was taken has not been revealed.