Hundreds of thousands of organisations around the world rely on software developed by SolarWinds for managing their IT networks. Hackers managed to insert malicious code into the software updates provided by SolarWinds to its customers, which then allowed them to open a back door that let them spy on their targets at will. The updates were released between March and June 2020, SolarWinds said, raising the possibility that the hackers have been inside some systems for as long as nine months.
SolarWinds, of Austin, Texas, provides its software to hundreds of thousands of organisations around the world, including most Fortune 500 companies and government agencies in North America, Europe, Asia and the Middle East. The scale of the hack is therefore potentially global and far-reaching. Most US national security experts are pointing the finger of attribution towards an advanced nation-state-sponsored actor, and rumours abound associating it with Russia.
SolarWinds said on its website that it had 275,000 customers worldwide. But the company on 14-Dec-20 said it believed that “fewer than 18,000” of its customers had downloaded the compromised updates. In the US, the commerce department said one of its bureaus had been breached. The Treasury department was also reported to have been targeted, but it declined to comment.
Containment and remediation advisories have been issued by the UK’s National Cyber Security Centre to aid those affected or concerned by this incident.