30% of “SolarWinds” victims did not actually use SolarWinds software, federal officials say

US Department of Homeland Security building seen in Washington, DC.
Photo: Alastair Pike / AFP (Getty Images)

The hackers behind the ongoing SolarWinds scandal found other ways to penetrate US companies and public agencies than compromising the titular software company. In fact, almost a third of the hack's victims, about 30%, “have nothing to do with SolarWinds,” a senior federal security official said this week.

Brandon Wales, Acting Director of the Cybersecurity and Infrastructure Security Agency (CISA), told the Wall Street Journal that the hackers “gained access to their targets in a variety of ways” and that “it is absolutely correct that this campaign should not be thought of as the SolarWinds campaign.”

The cybersecurity scandal, which may turn out to be the largest in US history, came to be known as “SolarWinds” after the hackers used trojanized updates to the company's popular Orion software, an IT management program widely used by government agencies, to infiltrate the company's customers.

But, as previously reported, the hackers appear to have used a multitude of strategies to break into US entities, not just the Orion compromise. These included exploiting poorly secured administrative credentials, password spraying and even, apparently, plain password guessing. They also compromised other companies independently of the SolarWinds supply chain, such as Microsoft, FireEye and Malwarebytes, and they appear to have used Microsoft's cloud-based Office software to access certain government agencies.

Investigators are still retracing the hackers' steps and the path they took through a vital US supply chain. The Wall Street Journal reports:

SolarWinds is analyzing whether the Microsoft cloud was the initial entry point for hackers into its network, according to a person familiar with the SolarWinds investigation, who said it was one of several theories pursued.

The hack affected an alarming number of powerful federal agencies, including the Department of Defense, the federal judiciary, the Treasury, the Departments of Commerce, Labor and State, the DOJ, and the National Nuclear Security Administration (NNSA), which is responsible for securing the U.S. nuclear stockpile, among others.

President Joe Biden has vowed to punish the culprits, recently saying that he will impose “substantial costs” on those responsible. He has also promised to invest more in securing federal agencies and said he would make cybersecurity a more central and strategic part of his presidency than his predecessor did.

The US government has tentatively blamed Russia for the hack, publishing a statement earlier this month which said that “an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks.”

However, some private companies have been more cautious about attribution. Benjamin Read, director of threat intelligence at FireEye (which was also hacked by the same actor), recently said he had “not seen enough evidence” to determine whether the actor was Russian, though he called it “plausible.” Russia has denied responsibility.
