US government software provider SolarWinds confirms it was hacked

The hack of the US Treasury and Commerce Department, first reported Sunday and involving Russian state-sponsored hackers, was officially attributed today to compromised SolarWinds Worldwide LLC software.

As previously reported by SiliconANGLE, SolarWinds software is used by much of the US government, including the US Military, Pentagon, Department of State, Department of Justice, National Aeronautics and Space Administration, Executive Office of the President, and the National Security Agency.

SolarWinds provided more details about the hack, saying that up to 18,000 of its customers downloaded a “compromised software update” that allowed hackers to silently spy on businesses and government agencies for nine months. SolarWinds had previously said that its surveillance products released in March and June may have been tampered with, and that was nine months ago.

While it’s bad that much of the US government is being hacked, SolarWinds has complied with the California Consumer Privacy Act and published a formal consultation. It explained that its “systems were subject to a sophisticated, manual supply chain attack.”

Mark Carrigan, Chief Operating Officer at PAS Global LLC, told SiliconANGLE that given the massive global scale of installations, the stakes in the SolarWinds hack are high. “Many of these installations are in highly sensitive industrial operations where network visibility has traditionally been weaker,” he said. “Indeed, just today, the ESCC, whose membership includes some of the largest U.S. utility companies, assembled to discuss the emerging threat and how to respond.”

He added that companies across all industries must respond by first identifying where SolarWinds software is installed in their environments. “From there, they need to further refine their inventory by determining the versions that are running to assess the vulnerability risk that may or may not exist,” he said. “Without doing this, these risks scale along with the vulnerabilities, and from an industrial perspective, this puts critical functions that impact daily life at risk.”

Brandon Hoffman, chief information security officer at cybersecurity firm Netenrich Inc., noted that a link to the FireEye hack earlier this month might be a coincidence, but no more.

“It’s reasonable to assume that immediately after the FireEye breach, the adversaries used their tools and committed this violation of the Department of Commerce,” Hoffman said. “However, careful investigation seems to lead us to conclude that this has been the case for much longer. The attack type described so far includes several low and slow techniques. The term ‘Advanced Persistent Threat’ was coined to describe such an attack.”

While investigating the damage, the main thing to determine is whether the organization is at risk, Hoffman added. “For any SolarWinds Orion customer, it pays to dig as deep as possible to understand the implications,” he said.
