SolarWinds hack may have been a global attack

Zero-day attack
(Image credit: Shutterstock.com)
Audio player loading…

Yet more information has come to light regarding the SolarWinds (opens in new tab) cyberattack that compromised a host of government and corporate networks late last year. 

According to an investigation conducted by the New York Times (opens in new tab), the attack may have had a far larger impact than initially feared and its origins may lie thousands of miles away from its US victims.

Originally it was thought that the SolarWinds attack had breached around two dozen US government and corporate networks but the latest evidence suggests that as many as 250 networks may have been compromised. Research by major private tech firms like Amazon and Microsoft (opens in new tab) is slowly uncovering more details about the attack, which it appears exploited many layers of the digital supply chain.

Russia has been blamed for the incident, the purpose of which remains unknown. Potentially, the attack could have allowed threat actors to gain access to highly sensitive information, including some relating to the US nuclear weapons program.

Defensive flaws

Interestingly, investigators are now exploring whether the attack may have originated not in Russia but in Eastern European countries where some SolarWinds software is manufactured. Russian intelligence retains a deep-rooted presence in some of these nations, which could have allowed operatives to lay the groundwork for the recent attack.

More worryingly, recent evidence suggests that a number of cyberdefence missteps may have helped the attackers in their efforts. Early warning sensors placed by Cyber Command and the National Security Agency (NSA) evidently failed, and a myopic focus on the presidential election may have diverted attention away from software defense, granting the attackers more space in which to operate.

Moreover, it appears that the SolarWinds attackers carried out their attacks from servers based in the US, allowing them to exploit legal protocols that prevent the NSA from carrying out domestic surveillance that would have potentially spotted the hack.

Via Engadget (opens in new tab)

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.