All about the global cyberespionage campaign that penetrated US government agencies
Global cyberespionage campaign
According to a report by AP, governments and major corporations worldwide are scrambling to see if they, too, were victims of a global cyberespionage campaign that penetrated multiple US government agencies and involved a common software product used by thousands of organizations. Russia, the prime suspect, denies involvement. Cybersecurity investigators said the hack's impact extends far beyond the affected US agencies, which include the Treasury and Commerce departments, though they haven't disclosed which companies or what other governments were targeted.
When did the hack begin?
The hack began as early as March when malicious code was snuck into updates to popular software that monitors computer networks of businesses and governments. The malware, affecting a product made by U.S. company SolarWinds, gave elite hackers remote access into an organization's networks so they could steal information. It wasn't discovered until the prominent cybersecurity company FireEye learned it was hacked. Whoever broke into FireEye was seeking data on its government clients, the company said, and made off with hacking tools it uses to probe its customers' defenses.
What is SolarWinds?
SolarWinds, of Austin, Texas, provides network-monitoring and other technical services to hundreds of thousands of organizations around the world, including most Fortune 500 companies and government agencies in North America, Europe, Asia and the Middle East. Its compromised product, called Orion, accounts for nearly half of SolarWinds' annual revenue. The company's revenue totaled $753.9 million over the first nine months of this year. Its centralized monitoring looks for problems in an organization's computer networks, which means that breaking in gave the attackers a “God-view” of those networks.
Who was affected?
Neither SolarWinds nor U.S. cybersecurity authorities have publicly identified which organizations were breached. Just because a company or agency uses SolarWinds as a vendor doesn't necessarily mean it was vulnerable to the hacking. The malware that opened remote-access backdoors was injected into SolarWinds' Orion product updates released between March and June, but not every customer installed them. The hackers would also have had to want to target the organization.
Similar to Russian military
The so-called supply-chain method used to distribute the malware via SolarWinds' software recalled the technique Russian military hackers used in 2016 to infect companies that do business in Ukraine with the hard drive-wiping NotPetya virus, the most damaging cyberattack to date. In that case, the hackers inserted a self-propagating worm into a tax preparation software company's updates to infect its customers. In this case, any actual infiltration of an infected organization required “meticulous planning and manual interaction,” according to FireEye.