The fallout from SolarWinds hack will get worse before it gets better
- US government agencies and private organizations have been the targets of a cyberattack that was only just uncovered this month.
- A group of hackers believed to be associated with the Russian intelligence agency SVR infiltrated a SolarWinds software update earlier this year.
- This is a huge problem for two major reasons: The attackers were able to gain access for a long period of time without being detected, and it will also take a long time for security experts to determine the extent of what’s been compromised.
- “Fragments of attacks can sit dormant for months, and years, and only revive when the author wants them to begin their job,” cybersecurity expert Sean Harris told Business Insider. “Stealth is the most worrisome aspect of these ‘attacks.'”
For months, US government agencies and private organizations have been the targets of what’s being called the most widespread cyberattack ever, and one that went largely undetected until this month. At the center of the attack is a company most people have never heard of called SolarWinds, which provides IT infrastructure management tools to hundreds of thousands of customers including government agencies, corporations, and nonprofit organizations.
A SolarWinds software update earlier this year was infiltrated by a group of hackers believed to be associated with the Russian intelligence agency SVR, in what is known as a supply chain attack. As a result, the hackers’ malware was able to infect the networks of many, if not all, of SolarWinds’ customers as they updated their SolarWinds Orion software.
“The number of organizations that downloaded the corrupted update could be as many as 18,000, which includes most federal government unclassified networks and more than 425 Fortune 500 companies,” Tom Bossert, former Homeland Security Advisor, said in an op-ed in the New York Times on Thursday.
Not only is this attack extraordinary in its scope, it’s devastating in its impact — largely because of two things. First, the attackers were able to gain covert access for a long period of time without being detected. And second, it will be even…