Estimated reading time: 1 minute, 27 seconds

Solarwinds Hack Looks Worse the More We Know About It Featured

Alarm bells from cybersecurity experts are ringing ever louder as new details emerge from the recently uncovered hacking that began by targeting the IT contractor SolarWinds. 

FireeyeIn the early days of 2021, three weeks after word of the breach surfaced—and as many Americans were distracted with the holidays, coronavirus pandemic and election fallout—The New York Times reported that more than 250 business and federal agencies were likely affected.

The attack, attributed to Russia, has stoked increasing concerns about how U.S. cybersecurity defenses failed and what vulnerabilities remain for government and private-sector networks. The Kremlin has denied involvement.

Among the latest revelations: the attacks came from servers within the United States, according to FireEye, the cybersecurity firm that first called attention to the breach. Lacking authority to enter private sector networks, the National Security Agency and homeland security would’ve been restricted in their ability to defend against such domestic attacks.

Microsoft has also confirmed that the hackers behind the SolarWinds breach accessed some of the software giant’s source code. Cybersecurity pros told CNBC that the move gives a troubling indication of how vast the cyber attack could be in scope.

The Cybersecurity and Infrastructure Security Agency has still been working to address known vulnerabilities and recommended agencies update their SolarWinds software, as CNN notes. Congressional Democrats and President-elect Joe Biden’s team have been pushing the Trump administration to disclose more about its response to the hacking.

Sen. Mark Warner (D-Va.), the ranking member of the Senate Intelligence Committee, told the Times that the hack looked “much, much worse” than first feared. “The size of it keeps expanding."

Determining the full extent of the damage could take months or even years, according to intelligence officials.

Read 82 times
Rate this item
(0 votes)

Visit other PMG Sites:

click me
PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.