On April 15, 2021, the Biden administration announced an expansion of existing sanctions against the Russian government, notably including the intelligence service and affiliated parties identified as being responsible for the SolarWinds cyber-attack and other “specified harmful foreign activities,” and signaled a potential willingness to impose additional measures relating to Information and Communications Technology and Services (“ICTS”) from Russia.

The new measures include a modest expansion of existing sanctions targeting the Russian government and its agents, diplomatic expulsions of Russian officials in Washington DC, and other related cyber and defense measures. In announcing these new actions, the US government made public significant details about how Russian intelligence agencies allegedly conduct cyber espionage and other harmful activities through front companies. Notably, the US government formally attributed the SolarWinds cyber-attack to the Russian Foreign Intelligence Service (“SVR”).

Continue reading.