Dec.15 (EIRNS)—Someone hacked SolarWinds, which produces a popular product named Orion. In simple terms, the hack caused a backdoor to be installed on the system of every customer that updated their software over a period stretching back as far as this spring. Of SolarWinds’ 300,000-some clients, around 18,000 may have made themselves vulnerable in this manner. Confirmed targets include the Treasury and the Department of Commerce and Homeland Security.
Timeline: Cybersecurity firm FireEye announced last Tuesday, Dec 8, that it had been hacked, and that its tools — used for hacking into clients’ systems to test for vulnerabilities — had been stolen. FireEye then later announced that it had discovered the problem with SolarWinds and reported that it had seen the vulnerability exploited in most continents of the world. By early this week, it was confirmed that the three federal agencies named above had been compromised.
The attribution to Russia has not been made by FireEye or SolarWinds, but rather by “unnamed people familiar with the investigation” to the New York Times, the Washington Post, Reuters, and other legacy media outlets.
