SolarWinds Supply Chain Attack Was Carried Out From the USA

A large-scale cyberattack on the American software manufacturer SolarWinds Corp., which affected numerous government departments and private companies, was carried out from the United States. This was stated by Anne Neuberger, Deputy Adviser to the President of the United States for National Security, at a briefing in Washington.

"The hackers carried out a hack from the United States, which made it difficult for the American government to monitor their activity," Neuberger said.

According to the official, the data available to date show that nine federal agencies and about a hundred private sector firms have been affected by the malicious campaign. Neuberger did not say which organizations these were.

“Many of the compromised companies are technology firms, including networks of companies whose products could be used to carry out additional attacks,” Neuberger said.

The government is now trying to figure out the true extent of the attack, and the investigation is likely to take several months, Neuberger said.

She also explained that the hackers had done a lot of work that required careful preparation.

“We believe it took them several months to plan the operation,” she added.

Neuberger noted that an APT (Advanced Persistent Threat) group, "most likely of Russian origin," was responsible for the attack. The deputy adviser did not explain the basis for this conclusion.

The attack on the SolarWinds supply chain became known in early December last year, after the information security company FireEye published a report on the results of an investigation into the theft of tools used by its specialists to find vulnerabilities. As part of the malicious campaign, the attackers injected a backdoor into updates for the SolarWinds Orion platform.

As a result, the malicious update was installed by about 18 thousand organizations. In particular, the malware was found in the networks of the US Treasury Department, the National Telecommunications and Information Administration (NTIA) of the US Department of Commerce, the US Department of Homeland Security, FireEye, Microsoft, Mimecast, Palo Alto Networks, Qualys, Fidelis Cybersecurity, and others. Microsoft President Brad Smith called the incident "the largest and most sophisticated attack the world has ever seen." The company estimates that over a thousand specialists took part in organizing the hack.
