A cyber attack recently discovered in the United States, the ‘SolarWinds hack’ has emerged as one of the largest ever aimed against the US government, its agencies, and many other private enterprises. It is, in truth, possibly a global cyberattack.
The US cybersecurity company FireEye first discovered it, and more advances have continued to come to light every day since then. The sheer extent of the cyber-attack remains unclear, but it is suspected that the US Treasury, the Department of Homeland Security, the Department of Commerce, and parts of the Pentagon were all affected.
Russia was named for the attack in an opinion piece written for The New York Times by Thomas P Bossert, who was President Donald Trump’s Homeland Security Advisor. He wrote “evidence to the Russian intelligence agency known as the SVR, whose trade is among the most advanced in the world, in the SolarWinds attack points.” The Kremlin has rejected its participation.
About Cyber Attack: ‘SolarWinds hack’
Technically, news of the cyber attack initially spread on December 8, when FireEye posted a blog reporting an attack on its networks. The business helps with many major private corporations and federal government agencies’ security management.
In a blogpost, FireEye CEO Kevin Mandia wrote that the company was “attacked by a highly sophisticated threat actor,” calling it a state-sponsored assault, while Russia was not identified. It said the attack was carried out “with top-tier offensive capabilities” by a country, and “the attacker primarily pursued data related to certain government customers.” It also said that the attackers’ techniques were novel.
Then on December 13, FireEye said that the cyberattack, which is called the UNC2452 operation, was not limited to the business, but targeted numerous “public and private organizations around the world.” The campaign probably started in March 2020 and has been running for months, the post said. Worse, considering the magnitude of the attack is still being uncovered, the amount of data stolen or compromised is still uncertain. “lateral movement and data theft” took place after networks were hacked.
Many US Government Agencies And Companies Get Attacked: How?
This is called a ‘Supply Chain’ attack: Instead of targeting the federal government or the network of a private company directly, the hackers threaten a third-party provider that provides them with software. In this case, the aim was software for IT management called Orion, supplied by SolarWinds, a Texas-based company.
Orion has been a dominant customer of SolarWinds software, which comprises more than 33,000 businesses.