Recently the IT management company SolarWinds was severely hacked. The hack is suspected to be the work of the Russian Government. It has negatively impacted several corporations, companies, and government agencies. The US Treasury, Commerce, State, Energy, and Homeland Security departments are among those affected, two of which stated that they might have had emails stolen on a massive scale. At present, investigations are going on in government agencies and in many companies on SolarWinds’ extensive client list. A recent report by the Wall Street Journal stated that the hack might have infected many big tech companies.
Companies like Cisco, Intel, Nvidia, Belkin, and VMware all had computers on their networks infected by the malware. There may be many more: SolarWinds stated that “around fewer than 18,000” companies were impacted by the hack. That number is undoubtedly not reassuring! SolarWinds also tried to hide the long list of clients who stated that they used the infected software. An update on the hack changed SolarWinds’ client list from “possibly affected” to “confirmed affected.”
At present, the big tech companies are all telling the same story: “We’re investigating. However, we don’t think that the hack has impacted us.” But earlier incidents, like the 2016 hack of the Democratic National Committee’s email, showed that it can take a long time for the impacts of a hack to surface and be fully realized. Once hackers get inside a system, it can also be challenging to tell whether they are still present or have left. A recent report explains that it can be difficult to completely trust a computer once a hacker has entered it. However, in the recent hack, investigators have comprehensive data to look back through and analyze: the hack is still active and has been going on for months now.
While analyzing the issue, investigators found that another prominent hacking group had earlier broken into SolarWinds using a similar exploit technique. The recent attack, named Supernova, was initially thought to be a fragment of the main attack (viz. Sunburst). However, investigators are now aware that it was executed by a second, less sophisticated hacker group.
There are several reasons why a hacking group would want to get into a big tech company’s systems. They may want access to future product plans, or to employee and customer information that they can sell or hold for ransom.
There may be innumerable reasons for the hack. However, it is also possible that the big tech companies were collateral damage as these hacking groups sought information from government agencies, which share the same SolarWinds-provided IT management systems. At the time of the hack, the big companies did not seem worried. By contrast, the US government’s computer security organizations stated that every federal agency should power down its associated systems with immediate effect.