White House Reveals At Least 100 Companies Were Hit By SolarWinds Hack
It is not often that an attacker manages to pull off a coordinated cyberattack on several organizations, government agencies included. The SolarWinds hack is therefore remarkable both for its ingenuity and for its overall effect. Suspected Russian hackers had infiltrated SolarWinds systems sometime in May 2020, although this was not confirmed till December 2020.
The attack went undetected for several months. By the time the authorities became aware of the perpetrators' actions, the attackers had gone quiet and had gone as far as erasing the traces of their activity. It is therefore close to impossible, at present, to pinpoint the source of the attack and bring the perpetrators to book. Emerging evidence reveals that many more organizations than first imagined had their security compromised by these hackers.
What is SolarWinds?
SolarWinds had not been in the news before and would probably have remained relatively unknown were it not for the attack. It specializes in network management software, the kind of software that helps keep an organization's infrastructure running. Although unknown to most regular folks, SolarWinds is widely used by large organizations, including government agencies, because it supplies the network monitoring software these agencies rely on. Clients download the software and use it to monitor the health of their systems. Fortune 500 companies compromised by the attack include Intel, Belkin and VMware, amongst others.
Before the attack came to light, SolarWinds had already been warned about weaknesses in its security. Among its shortcomings, it had no dedicated senior director of cybersecurity. Since 2017, hackers had been siphoning data in small quantities. These vulnerabilities ultimately culminated in the major attack.
How the SolarWinds Attack Happened
There has been speculation about how the attack happened and how it went undetected for so long. What is certain is that it was a supply chain attack: SolarWinds itself was not necessarily the main target. The hackers were after the data of the companies that use SolarWinds software.
The malware most likely entered through the code of SolarWinds' Orion network management product. The hackers wrote their malicious code into it and were careful enough to insert the backdoor only when the program was just about to go live, so the developers did not notice the anomaly.
As usual, SolarWinds asked its customers to download and install the new release. Every client that installed the update therefore installed the backdoor with it, which gave the hackers immediate access to the client's data. They could do whatever they wanted with it: exfiltrate or sell it, alter it, or inject further code of their own into the software.
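The two paragraphs above describe the defender's problem with a build-time backdoor: the malicious code was added before the release was signed and shipped, so customers who only checked that the update was genuine would still have installed it. The following is an added, illustrative example written for this article; it is not SolarWinds' or Orion's update mechanism. It models a toy deterministic build, a release pipeline that either builds honestly or injects an extra module before signing, and two client-side checks. The signing key, source files and injected marker are all constructed sample data, and the HMAC stands in for a real code-signing signature.

```python
import hashlib
import hmac

# Constructed sample: a signing key held by the release pipeline
# (stand-in for a code-signing certificate; not a real secret).
RELEASE_KEY = b"constructed-release-key-not-a-real-secret"

# Constructed sample source tree of a hypothetical network-monitoring product.
SOURCES = {
    "collector.py": b"def collect():\n    return poll_devices()\n",
    "main.py": b"from collector import collect\nrun(collect)\n",
}


def build_artifact(sources: dict[str, bytes]) -> bytes:
    """Toy deterministic build: concatenate the files in a fixed order.
    Stands in for a real reproducible build (same inputs -> byte-identical output)."""
    parts = []
    for name in sorted(sources):
        parts.append(b"--- " + name.encode() + b"\n" + sources[name])
    return b"".join(parts)


def compromised_build(sources: dict[str, bytes]) -> bytes:
    """A pipeline that appends an extra module after the honest build step and
    before signing. Constructed stand-in for a build-server compromise; the
    appended module is only a harmless marker."""
    return build_artifact(sources) + b"--- injected.py\n# placeholder for injected module\n"


def sign_release(artifact: bytes) -> dict:
    """Release step: publish the artifact's SHA-256 and authenticate it with the release key."""
    digest = hashlib.sha256(artifact).hexdigest()
    return {"sha256": digest,
            "sig": hmac.new(RELEASE_KEY, digest.encode(), "sha256").hexdigest()}


def signature_valid(artifact: bytes, manifest: dict) -> bool:
    """Client check 1: does the downloaded artifact match the signed manifest?
    Catches tampering in transit or on the download server, i.e. after signing."""
    digest = hashlib.sha256(artifact).hexdigest()
    expected = hmac.new(RELEASE_KEY, digest.encode(), "sha256").hexdigest()
    return hmac.compare_digest(expected, manifest["sig"]) and digest == manifest["sha256"]


def matches_independent_rebuild(artifact: bytes, sources: dict[str, bytes]) -> bool:
    """Client check 2: rebuild from the published sources on a machine the vendor's
    pipeline never touched and compare byte for byte. Catches code inserted inside
    the pipeline, which check 1 cannot, because the pipeline signed the bad build."""
    return hmac.compare_digest(build_artifact(sources), artifact)


def assess_release(artifact: bytes, manifest: dict, sources: dict[str, bytes]) -> str:
    """Run both checks and report the first one that fails."""
    if not signature_valid(artifact, manifest):
        return "REJECT: artifact does not match signed manifest"
    if not matches_independent_rebuild(artifact, sources):
        return "REJECT: signed artifact differs from independent rebuild"
    return "OK"


if __name__ == "__main__":
    honest = build_artifact(SOURCES)
    print("honest release:", assess_release(honest, sign_release(honest), SOURCES))
    backdoored = compromised_build(SOURCES)
    print("backdoored release:", assess_release(backdoored, sign_release(backdoored), SOURCES))
```

Running it shows the point of the article's account: the backdoored release passes the signature check, because the pipeline that inserted the module also signed it, and is caught only by the independent rebuild comparison. Signature verification is still necessary, but on its own it only answers "did this come from the vendor's pipeline?", not "does this match the vendor's source?".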
Victims of the Attack
It is doubtful whether the full extent of the attack will ever be known. As explained above, this is partly because the hackers erased most traces of their actions, so new information continues to emerge over time. The government is also still investigating, with no conclusion in sight yet.
In February 2021, the White House revealed that no fewer than 9 federal organizations and close to 100 private companies were affected by the hack. The previous estimate was somewhere around 250 federal agencies and businesses. In all, about 18,000 SolarWinds clients received the compromised code.
Impacts of the Attack
The impact of the hack reverberated throughout the United States. Some of the specific ways it shook things up include:
1. It Introduced Changes to the Cybersecurity Industry
For years, there has been talk of revamping the cybersecurity industry. The hack has provided the incentive, motive and means to effect the changes needed. Companies are now adopting a proactive stance against threats: they operate as though a breach had already occurred rather than merely anticipating one.
Also, as a move to forestall future attacks, the United States government may separate the Cyber Command from the National Security Agency. This gives the former a focused approach to challenges.
2. Strengthened the Relationship Between the US Government and Private Cybersecurity Outfits
The hack could potentially force the United States government to work with private entities. Hitherto, deep scepticism and cynicism existed between the two factions. The US government was considered intrusive and oftentimes was on opposite sides with the private entities. Private actors, on the other hand, sometimes frustrated the efforts of the authorities. However, if a new partnership is forged, it would see the two factions working together.
3. Large Pool of Victims
The SolarWinds hack is such a big deal because of its scale. Apart from SolarWinds itself, many other entities had their security breached too, which was exactly the fear when the breach was first reported. The speed of the spread came from how easily the compromise propagated: any entity that installed the compromised update made itself vulnerable to attack.
The spread of the attack caused great inconvenience to SolarWinds clients. There was no definitive method of determining whether a breach had actually occurred, so each client (particularly the big companies) had to halt its processes to verify that it was safe. In some cases systems had to be taken offline for several months. This resulted in losses for the firms and caused real frustration.
4. Increased Cost of Cybersecurity
The attack has highlighted how expensive it is to secure cyber systems. The networks that were infiltrated remain vulnerable, and it would take a great deal of work (years, even) before any meaningful result is seen.
The SolarWinds hack is a wake-up call to security agencies the world over. It reiterates that cybercrime is a growing concern in the modern world. Hopefully, this hack will propel the appropriate authorities to take the steps needed to strengthen security.