The SolarWinds software hack’s success has now given the hackers wide-ranging access to government and corporate information systems. Given the scale of the attack, the amount of data stolen or compromised is still unknown. In fact, the government agencies and cybersecurity experts are still working to piece together the suspected espionage operation. In its legal filing, the company mentioned that the threat actors inserted Sunburst malware in SolarWinds’ Orion software updates sent to nearly 18,000 customers. This update was released between March and June in 2020. In this article at KrebsonSecurity, the author explains the impact of the massive SolarWinds Software hack.
The Growing List
“In a December 14 filing with the US Securities and Exchange Commission (SEC), SolarWinds said roughly 33,000 of it’s more than 300,000 customers were Orion customers, and that few than 18,000 customers may have had an installation of the Orion product that contained malicious code,” explains the author. The list of organizations infected with Sunburst malware includes Cox Communications, Fujitsu, Lukoil, Intel, SAP, Cisco, Digital Reach, Digital Sense, Belkin, Amerisafe, and Nvidia. SolarWinds also said the intrusion also compromised its Microsoft Office 365 accounts.
The consequences of the cyber-assault that was first discovered by security firm FireEye are yet to be understood. FireEye also suffered an intrusion that resulted in the theft of nearly 300 proprietary software tools the company provides to clients to secure their IT operations. Experts believe that hackers’ access to the vast amount of information could lead to data theft or destroy and falsify government data. Further, they warn that it could take years to fix.
Cybersecurity experts indicate that this is not usual espionage. Instead, it represents the severe technological vulnerability for the United States and the world. The bigger threats for most organizations are day-to-day ransomware and other malware attacks. If organizations fail to defend against them, then certainly securing businesses against attacks like Sunburst is impossible.
To read the original article, click on https://krebsonsecurity.com/2020/12/solarwinds-hack-could-affect-18k-customers/.