30% of ‘SolarWinds’ victims did not actually use SolarWinds software, say Feds

The U.S. Department of Homeland Security building in Washington, DC.
Photo: Alastair Pike / AFP (Getty Images)

The hacker group behind the SolarWinds scandal found other ways to infiltrate American companies and public agencies, rather than simply compromising the titular software company. In fact, about a third of the hack’s victims (about 30%) have no connection to SolarWinds, a senior federal security official said this week.

Brandon Wales, executive director of the Cybersecurity and Infrastructure Security Agency, told the Wall Street Journal that the hackers “gained access to their targets in various ways” and that it is “entirely correct that this campaign should not be thought of as a SolarWinds campaign.”

The cybersecurity scandal, which has proved to be the largest in American history, has unfortunately become known as “SolarWinds.” The hackers used Trojan malware to infiltrate the company and its customers through its popular Orion software, an IT management program commonly used by government agencies.

But, as stated earlier, the hackers took advantage of a multitude of strategies to make their way into American institutions, not just hacking into Orion. These included exploiting improperly secured administrative credentials, password spraying, and even, apparently, just guessing passwords. They also targeted other companies independent of the SolarWinds supply chain, such as Microsoft, FireEye and Malwarebytes, and Microsoft’s cloud-based office software appears to have been used to reach some government agencies.

In fact, investigators are still unsure of the hackers’ entry point and the route they took as they made their way into an important American supply chain. The Wall Street Journal reports:

According to a person familiar with the SolarWinds investigation, SolarWinds itself is investigating whether Microsoft’s cloud was the hackers’ initial entry point into its network, which the person said is one of several theories.

The hack has affected a disturbing number of powerful federal agencies, including the Department of Defense, the federal judiciary, the Treasury, the Departments of Commerce, Labor and State, the DOJ, and the National Nuclear Security Administration (NNSA), which is in charge of securing America’s nuclear reserves, among others.

President Joe Biden has vowed to punish the culprits, saying that he will ensure “substantial costs” for those responsible. He has also promised to invest heavily in efforts to secure federal agencies and has stated that he will make cybersecurity a more central, strategic part of his presidency than it was under his predecessor.

The US government has tentatively blamed Russia for the hack, releasing a statement earlier this month in which it said that “an Advanced Persistent Threat (APT) actor, originally Russian, originally discovered, is responsible for the cyber compromise of all government and non-government networks.”

However, some private firms are more cautious about attribution. Benjamin Reid, Director of Threat Intelligence at FireEye (which was also hacked by the same actor), recently said “there is not enough evidence to see” that the actor came from Russia, though he called it “admirable”. Russia has denied responsibility.

