According to Feds, 30% of “SolarWinds” victims did not use SolarWinds software

The U.S. Department of Homeland Security building seen in Washington, DC.

photo: Alastair Pike / AFP (Getty Images)

The group of hackers behind the ongoing SolarWinds scandal found other ways to get into U.S. companies and public agencies besides compromising the titular software company. In fact, almost a third of the victims of the hack, about 30%, “have no connection to SolarWinds,” a senior federal security official said this week.

Brandon Wales, Acting Director of the Cybersecurity and Infrastructure Security Agency, told the Wall Street Journal that hackers “gained access to their targets in various ways” and that “it is absolutely correct that this campaign is not considered the SolarWinds campaign.”

In fact, the cybersecurity scandal, which has proven to be the largest in U.S. history, somewhat unfortunately became known as “SolarWinds” after hackers used Trojan malware to infiltrate the company and its customers through its popular Orion software, an IT management program commonly used by government agencies.

But, as previously reported, it seems that the hackers took advantage of a multitude of strategies to work their way into American entities, not just hacking Orion. These included exploiting improperly secured administrative credentials, password spraying, and even seemingly guessing passwords. They also targeted other independent companies in the SolarWinds supply chain, such as Microsoft, FireEye and Malwarebytes, and they also appear to have used Microsoft’s cloud-based Office software to access certain government agencies.

In fact, investigators are still unraveling the path the hackers followed on their way into a vital U.S. supply chain. The Wall Street Journal reports:

SolarWinds is investigating whether Microsoft’s cloud was the initial entry point for hackers into its network, according to a person familiar with SolarWinds research, who said it is one of several theories being pursued.

The hack has affected a disturbing number of powerful federal agencies, including the Department of Defense, the judiciary, the Treasury, the Departments of Commerce, Labor, and State, the Department of Justice, and the National Nuclear Security Administration (NNSA), which is responsible for securing the American nuclear stockpile, among others.

President Joe Biden has pledged to punish the guilty, recently saying that he would ensure “substantial costs” for those responsible. He has also promised to invest more heavily in efforts to secure federal agencies and has said he will make cybersecurity a more central and strategic part of his presidency than his predecessor did.

The U.S. government has tentatively blamed Russia for the hacking, publishing a statement earlier this month which said that “an actor of Advanced Persistent Threat (APT), likely of Russian origin, is responsible for most or all of the ongoing cyber compromises recently discovered by governmental and non-governmental networks.”

However, some private companies have been more cautious in terms of attribution. Benjamin Read, the director of threat intelligence for FireEye (which was also hacked by the same actor), recently said he hadn’t “seen enough evidence” to determine if the actor came from Russia, though he called it “plausible.” Russia has denied its responsibility.
