The ‘SolarWinds hack’ is one of the biggest cyberattacks to have targeted US government agencies and private companies, and it is seen as a rather global effort. US cybersecurity company FireEye first discovered it, and since then more developments have kept coming to light each day.
The exact extent of the cyberattack is still unknown. However, it is being said that the US Treasury, Commerce, State, Energy, Department of Homeland Security, and parts of the Pentagon are all affected. In an opinion piece written for The New York Times, Thomas P Bossert, Homeland Security Adviser for President Donald Trump, has accused Russia of the attack.
But how did so many US government agencies and companies get attacked?
This is known as a ‘supply chain’ attack: instead of directly attacking the federal government’s or a private organization’s network, the hackers target a third-party vendor that supplies software to them. In this hack, the target was an IT management software called Orion, supplied by the Texas-based company SolarWinds.
Orion has been a dominant SolarWinds product, with clients that include over 33,000 companies. According to SolarWinds, 18,000 of its clients have been impacted. However, the company has deleted the list of clients from its official websites.
The above-mentioned departments are not the only ones affected. Further investigations have revealed that there are other government agencies and companies still in the process of identifying the stolen data. In fact, most tech companies have also come under the hackers’ attack. Tech giants like Cisco, Intel, Nvidia, Belkin, and VMware all got their systems infected with malware.
According to a statement released by SolarWinds, “fewer than 18,000 companies were impacted”. They didn’t disclose the list of clients who used the infected software, choosing to hide the fact. In fact, the tech companies are repeating the same phrase: “we’re investigating, but we don’t think this has impacted us.”
It takes a long time for the impact of a hack to surface, and once hackers get into a system, it’s hard to know whether they are still inside or not.
The hackers’ primary target is the tech companies, to get hold of their future product plans or employee and customer information to sell to a third party or hold for ransom. But it’s also possible that these companies were only collateral damage, because the hackers mainly aimed at government agencies, which incidentally happened to share the same SolarWinds-provided IT management systems.
But so far, the tech companies don’t seem to be particularly worried. To be honest, the companies may not have reason to be concerned, since it is the users’ data that is vulnerable.