UPDATED 21:00 EDT / JANUARY 03 2021

SECURITY

SolarWinds hack may be bigger than previously believed

The extent of the hack of SolarWinds WorldWide LLC continues to expand, as a report Saturday suggested it spread across hundreds of networks.

The hack, which according to Microsoft Corp. involved two advanced persistent threat groups likely from two different countries but mainly Russia, is said by The New York Times to be much further-reaching than initially believed.

The Times said that up to 250 networks fell victim to the hack, with the hackers managing their intrusion from servers inside the U.S. Where things take an interesting twist is a claim that those behind the hack exploited legal prohibitions that bar the U.S. National Security Agency from engaging in domestic surveillance.

In other words, the hackers undertook their hack and theft of data within the U.S. itself to avoid NSA surveillance. In doing so, they also managed to avoid cybersecurity screening by the Department of Homeland Security. The obsession with Russian hacking of U.S. elections may have also played a role, according to the Times.

“The government’s emphasis on election defense, while critical in 2020, may have diverted resources and attention from long-brewing problems like protecting the ‘supply chain’ of software,” the Times report said. “In the private sector, too, companies that were focused on election security, like FireEye and Microsoft, are now revealing that they were breached as part of the larger supply chain attack.”

The report comes after Microsoft published an update on New Year’s Eve on the SolarWinds hack. The update stated that Microsoft had found no evidence of access to production services or customer data. “The investigation, which is ongoing, has also found no indications that our systems were used to attack others,” the Microsoft Security Response Center noted. Previous reports suggested that Microsoft may have also been targeted.

That the SolarWinds hack may have been larger than original reports suggested comes as no surprise. SolarWinds Orion’s information technology monitoring and management software is known to be used by the U.S. military, the Pentagon, the Justice Department, the National Aeronautics and Space Administration, the Executive Office of the President and the National Security Agency, to name a few.

Currently, known victims include the U.S. Treasury and Commerce departments, along with unconfirmed victims that include the U.S. Energy Department and National Nuclear Security Administration.
