Worst nightmare cyberattack: The untold story of the SolarWinds hack


The routine software update may be one of the most familiar and least understood parts of our digital lives. By Dina Temple-Raston.

The routine update, it turns out, is no longer so routine. Hackers believed to be directed by the Russian intelligence service, the SVR, used that routine software update to slip malicious code into Orion’s software and then used it as a vehicle for a massive cyberattack against America.

By design, the hack appeared to work only under very specific circumstances. Its victims had to download the tainted update and then actually deploy it. That was the first condition. The second was that their compromised networks needed to be connected to the Internet, so the hackers could communicate with their servers.

“The tradecraft was phenomenal.”

The SolarWinds CEO and president figures the Russians successfully compromised about 100 companies and about a dozen government agencies. The companies included Microsoft, Intel and Cisco; the list of federal agencies so far includes the Treasury, Justice and Energy departments and the Pentagon.

“It’s really your worst nightmare,” Tim Brown, vice president of security at SolarWinds, said recently. “You feel a kind of horror. This had the potential to affect thousands of customers; this had the potential to do a great deal of harm.”

This is a super interesting read for anybody in information security. Great read!
