If only people knew how true that is. It is pretty standard in offensive cyber warfare to create evidence that makes it look like the hack came from another state.
To determine where the hack came from, investigators look at what tools were used (each country usually develops its own tools, so they are unique), the standard operation procedure of the hack, and the disassembly of the executive program (disassembling the hacking tools left on the compromised machine, basically recreating the code of the program, which has header info and other identification in it).
Usually cyberwarfare groups want to remain hidden, so they get another state's tools and copy their operating procedures during a hack. To the investigators it looks like, for example, Russian groups did the hack. The tools were made in Russia, maybe there are Russian-language comments in the code, the operation procedures are similar to Russian style. But in reality, it was, for example, Israel who wanted to make it look like Russia.
This is pretty standard stuff and I don't believe the Russian narrative of the SolarWinds breach at all. There are 179 other countries and thousands of private groups around the world that would love to have hacked the US government. I think this whole Russia hacker narrative is lazy reporting and the US doesn't want to expose how vulnerable they really are.