#Solarwinds hack 2020 software
The malware was laced into the software updates that breached network security and allowed access to data including mail, with FireEye saying the breaches began around last March.Īccording to SolarWinds, 18,000 users of Orion have potentially suffered a security breach, including government agencies and Fortune 500 companies.įor now, experts say the hackers seem primarily to have used a security flaw, dubbed Sunburst, to break into US governmental agencies, insert malicious code and gain access to data to aid state espionage.įireEye discovered the flaw through its own usage of SolarWinds and was itself affected by certain tools it was deploying to test its clients' security.Īccording to FireEye, what it termed a state sponsored attack targeted governments as well as leading global enterprises notably in the technology and energy sectors in North America, Europe, Asia and the Middle East.Īccording to Jacques de la Riviere, who runs French cybersecurity firm Gatewatcher, it is still too early to know which other firms or institutions have been infiltrated.
The software had enjoyed much commercial success based not least on its state of the art ergonomic interface. Taking care only to upload stolen data in relatively small quantities, the hackers reportedly breached software used by the US Treasury Department, the Commerce Department and the Department of Homeland Security, allowing them to view internal email traffic, prompting an FBI investigation. The attack was discovered by cybersecurity company FireEye, which, along with SolarWinds, has pointed the finger at people linked to the Russian government.
#Solarwinds hack 2020 update
Rather than attack directly clients who include top accounting firms-but also the full gamut of military branches-the hackers aimed to compromise the software's automatic update function.īeyond the content of the data hacked, the break-in further allowed the crypto burglars to gain an idea of their victim's systemic structural vulnerabilities. Hackers managed to compromise and instal malware on a piece of security software -– the Orion security tool developed by SolarWinds which is used for management and supervision of IT networks at many large companies and several US government agencies. Here is what we know to date about the sophisticated attack:
0 kommentar(er)
