Large technology companies, including Intel, Nvidia and Cisco, were all infected during the SolarWinds hack.

News broke last week that the IT management company SolarWinds had been hacked, possibly by the Russian government, and the US Treasury, Commerce, State, Energy and Homeland Security departments were affected – two of whom could have been stolen. emails as a result of the hack. Other government agencies and companies are investigating because of SolarWinds’ extensive customer list. Wall Street Journal reports now that some large technology companies have also been infected.

Cisco, Intel, Nvidia, Belkin and VMware all have computers on their networks infected with malware. There could be many more: SolarWinds said “less than 18,000” companies were affected, as if that number should be reassuring and even tried to hide the list of customers who used the infected software. . Today’s news takes some of SolarWinds’ big customers from ‘possibly affected’ to ‘confirmed affected’.

Right now, the big tech companies have the same story, summing up “we investigate, but we don’t think this has affected us.” But as we have repeatedly learned in cases such as the 2016 hack of the Democratic National Committee’s e-mail, it can take a long time for the effects of a hack to be fully realized. Once hackers are in a system, it can also be difficult to tell if they are completely gone. Like this Associated Press The report explains, it can be difficult to fully trust a network after a hacker has been inside.

In this case, investigators have a lot of data to look back on: the hack is still ongoing and has been going on for months.

The exacerbation of the problem is that investigators found another hacking group that entered SolarWinds using a similar exploit. This attack, nicknamed Supernova, was originally thought to be part of the main attack (aka Sunburst), but investigators now believe it was carried out by a second, less sophisticated group.

There are all sorts of reasons why a hacking group might want to get into the systems of a large technology company, including access to future product plans or information about employees and customers that might be sold or withheld for redemption, assuming they searched. in fact that information. But it is also possible that these companies were just collateral damage, as these hacking groups tracked down government agencies, the ones that happened to share the same IT management systems provided by SolarWinds. At present, none of these companies seem to be particularly concerned. Compare this to the US government’s computer security organization, which announced that every federal agency should shut down its SolarWinds systems immediately.

Source