Russia’s SolarWinds Hack Is a Historic Mess

Normally we use this space to round up the biggest stories from all reaches of the cybersecurity world. This week, we’re making an exception, because there’s really only one story: how Russia pulled off the biggest espionage hack on record.

Russia’s hack of IT management company SolarWinds began as far back as March, and it only came to light when the perpetrators used that access to break into the cybersecurity firm FireEye, which first disclosed a breach on December 9. Since then, a cascading number of victims have been identified, including the US Departments of State, Homeland Security, Commerce, and the Treasury, as well as the National Institutes of Health. The nature of the attack—and the tremendous care taken by the hackers—means it could be months or longer before the extent of the damage is known. The impact is already devastating, though, and it underscores just how ill-prepared the US was to defend against a known threat—and to respond. It’s also ongoing. 

And there’s so much more. Below we’ve rounded up the most important SolarWinds stories so far from around the internet. Click on the headlines to read them, and stay safe out there.

Reuters has broken multiple stories about the SolarWinds hack and its fallout, but this piece takes a step back to look at the company at the heart of it. The IT management firm has hundreds of thousands of customers—including 18,000 who were vulnerable to Russia’s attack—who rely on it for network monitoring and other services. Its security practices appear to have been lacking on a few fronts, including the use of the password “solarwinds123” for its update server. (That’s not suspected of being tied to the current attack, but … still.)

The Wall Street Journal this week shared new details about what happened inside FireEye earlier this month as it discovered and responded to its own compromise. The tip-off: An employee received an alert that someone had logged into the company’s VPN using their credentials from a new device. Over 100 FireEye employees engaged in the response, which included combing through 50,000 lines of code to suss out any abnormalities.

Over the past several years, the US has invested billions of dollars…