The SolarWinds (opens in new tab) hack that affected hundreds of public and private networks across the globe may have been the work of thousands of cyberattackers.
Microsoft president Brad Smith told US news program 60 Minutes that an internal analysis of the attack found that “certainly more than 1,000” software engineers had been involved.
It remains unclear who these threat actors are or who coordinated their efforts, but most experts believe the SolarWinds attack was sponsored by the Russian state. Smith added his backing to this claim by highlighting that the Russian Government previously employed a mass supply chain disruption tactic in Ukraine.
- We've put together a list of the best endpoint protection (opens in new tab) software
- Keep your devices virus-free with the best malware removal (opens in new tab) software
- We've highlighted the best antivirus (opens in new tab) solutions around
In the same 60 Minutes segment, it was also revealed exactly how FireEye discovered the SolarWinds hack. Company CEO Kevin Mandia said that a security employee noticed that an individual had two phones registered under their name. Further investigation revealed that the second device was not legitimate. It was also disclosed that 4,032 lines of code were involved in the attack.
More to come?
It seems likely that further information will continue to gradually come to light regarding the SolarWinds attack, which Smith called “the largest and most sophisticated attack the world has ever seen.” Technology vendors, including Malwarebytes (opens in new tab), Microsoft (opens in new tab), and FireEye, have all been affected, as have several US Government agencies.
Because the SolarWinds hack was able to remain undetected for months, it allowed attackers to infiltrate hundreds of corporate networks. SolarWinds’ compromised Orion software (opens in new tab) is believed to have more than 30,000 customers.
Russia’s own National Coordination Center for Computer Incidents has also advised domestic businesses to prepare for retaliatory attacks, particularly against critical services. Despite this, Russia continues to deny any involvement in the SolarWinds attack.
- Also, check out our roundup of the best disaster recovery services (opens in new tab)
Via The Register (opens in new tab)