SolarWinds hack victims: From tech companies to a hospital and university


The suspected Russian hackers behind breaches at U.S. government agencies also gained access to major U.S. technology and accounting companies, at least one hospital and a university, a Wall Street Journal analysis of internet records found.

The Journal identified infected computers at two dozen organizations that installed tainted network monitoring software called SolarWinds Orion that allowed the hackers in via a covertly inserted backdoor. It gave them potential access to scores of sensitive corporate and personal data.

Among them: technology giant Cisco Systems Inc., chip makers Intel Corp. and Nvidia Corp., accounting firm Deloitte LLP, cloud-computing software maker VMware Inc. and Belkin International Inc., which sells home and office Wi-Fi routers and networking gear under the Linksys and Belkin brands. The attackers also had access to the California Department of State Hospitals and Kent State University.

The victims offer a small window into the sweeping scope of the hack, which could have ensnared as many as 18,000 of Austin-based SolarWinds Corp.’s customers, the company said, after hackers laced a routine software update with malicious code.

SolarWinds said that it traced activity from the hackers back to at least October 2019 and that it is now working with security companies, law enforcement and intelligence agencies to investigate the attack.

Cisco confirmed in a statement that it found the malicious software on some employee systems and a small number of laboratory systems. The company is still investigating. “At this time, there is no known impact to Cisco offers or products,” a company spokesman said.

Intel downloaded and ran the malicious software, the Journal’s analysis found. The company is investigating the incident and has found no evidence the hackers used the backdoor to access the company’s network, a spokesman said.

Deloitte, infected in late June according to the Journal’s analysis,…