SolarWinds Cyberattack May Still Harm Government Agencies and Businesses
SolarWinds Cyberattacks on Federal Governments and Private Companies
Organizations across several sectors are increasingly vulnerable to cyberattacks, putting the information of millions of people at risk of exposure. Federal governments and private companies face a growing number of cyberattacks and are prime targets for hackers, criminals, and hostile foreign entities who seek to cause disruption, sow distrust, and obtain classified or sensitive information.
A report by the United States Government Accountability Office in December 2018 found that federal agencies reported 35,277 cybersecurity incidents in fiscal year 2017, a significant increase of 14% compared to the previous year.
In 2020, cybercrime increased due to the COVID-19 situation, and the United States is no exception. The scale of the sophisticated cyberattacks on the US unearthed last month is much bigger than first anticipated. The Russia-linked SolarWinds hack that targeted United States government agencies and private corporations may be even worse than authorities first realized, with some 250 federal agencies and businesses now believed affected, the New York Times reports.
News of the cyberattack officially broke on December 8, 2020, when FireEye put out a blog post reporting that it had detected an attack on its systems. The organization helps with the security management of several federal government agencies and big private companies.
The United States Energy Department is the latest agency to confirm that it has been breached in what is being described as the worst-ever hack on the US government. Although the department is responsible for managing United States nuclear weapons, it said the arsenal’s security had not been compromised.
Tech giant Microsoft also said that it had found malicious software in its systems. The hackers compromised SolarWinds’ Orion monitoring and management software, enabling them to “impersonate any of the organization’s existing users and accounts, including highly privileged accounts.” The Times reports that Russia exploited layers of the supply chain to access the agencies’ systems.
According to the Times report, early warning sensors that Cyber Command and the NSA placed inside foreign networks to identify potential attacks failed in this case. Additionally, it seems that the US government’s attention on protecting the November elections from foreign hackers may have taken resources and focus away from the software supply chain. Conducting the attack from within the United States also allowed the cybercriminals to evade detection by the Department of Homeland Security.
Microsoft stated that it had discovered its systems were infiltrated “beyond just the presence of malicious SolarWinds code.” The cybercriminals could view source code in numerous source code repositories, but the hacked account granting the access didn’t have permission to modify any code or systems. However, Microsoft said it had found no evidence of access to production services or customer data and no indications that its systems were used to attack others.
The hack looked “much, much worse” than he first feared, said Sen. Mark Warner (D-Virginia), ranking member on the Senate Intelligence Committee. “The size of it keeps expanding, and it’s clear that the United States government missed it.”