UPDATED 21:00 EDT / JANUARY 03 2021

SECURITY

SolarWinds hack may be bigger than previously believed

The extent of the hack of SolarWinds WorldWide LLC continues to expand, as a report Saturday suggested it spread across hundreds of networks.

The hack, which according to Microsoft Corp. involved two advanced persistent threat groups likely from two different countries but mainly Russia, is said by The New York Times to be much further-reaching than initially believed.

The Times said that up to 250 networks fell victim to the hack, with the hackers managing their intrusion from servers inside the U.S. Where things take an interesting twist is a claim that those behind the hack exploited legal prohibitions on the U.S. National Security Agency from engaging in domestic surveillance.

In other words, the hackers undertook their hack and theft of data within the U.S. itself to avoid NSA surveillance. In doing so, they also managed to avoid cybersecurity screening by the Department of Homeland Security. The obsession with Russian hacking of U.S. elections may have also played a role, according to the Times.

“The government’s emphasis on election defense, while critical in 2020, may have diverted resources and attention from long-brewing problems like protecting the ‘supply chain’ of software,” the Times report said. “In the private sector, too, companies that were focused on election security, like FireEye and Microsoft, are now revealing that they were breached as part of the larger supply chain attack.”

The report comes after Microsoft published an update on New Year’s Eve on the SolarWinds hack. The update stated that Microsoft had found no evidence of access to production services or customer data. “The investigation, which is ongoing, has also found no indications that our systems were used to attack others,” the Microsoft Security Response Center noted. Previous reports suggested that Microsoft may have also been targeted.

That the SolarWinds hack may have been larger than original reports suggested comes as no surprise. SolarWinds Orion’s information technology monitoring and management software is known to be used by the U.S. military, the Pentagon, the Justice Department, the National Aeronautics and Space Administration, the Executive Office of the President and the National Security Agency, to name a few.

Currently, known victims include the U.S. Treasury and Commerce departments along with unconfirmed victims that included the U.S. Energy Department and National Nuclear Security Administration.

Photo: Pixahive

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU