Continued Fallout from SolarWinds Attack

November 15, 2021

In December 2020, multiple United States federal agencies were successfully breached by hackers who have been linked to Russia. Among the departments hacked were the Department of Homeland Security and the Department of Agriculture. The attack then spread to a number of corporations, greatly impacting business across the country.

The hackers exploited vulnerabilities in SolarWinds, an American software company with around 300,000 customers (at the time of the attack) including Fortune 500 companies and many federal agencies.

Now, eleven months after the attack, problems persist with SolarWinds and cybersecurity attacks. The hackers, dubbed Nobelium by Microsoft, have managed to infiltrate at least 14 technology firms since May, reports Sean Lyngaas for CNN.

“The hackers have been hitting a different part of the supply chain than in the 2020 breach: companies that buy and distribute software and manage cloud computing services,” writes Lyngaas. “Microsoft did not name the victim companies or identify the ultimate targets of the alleged Russian spies.”

The report from Microsoft comes on the heels of an early October report detailing evidence that the Russian group had attempted to infiltrate both U.S. and European government networks.

The concern, says Microsoft corporate vice president Tom Burt via the CNN article, is that these continued attacks by Russia show that the hackers are working toward obtaining long-term access to surveil targets of interest to the Russian government. The Russian government continues to deny involvement.

“The ultimate goal is to ‘impersonate an organization's trusted technology partner to gain access to their downstream customers,’” Burt shared with CNN.

In May, the hackers successfully impersonated a U.S. government agency and sent malicious emails to 50 organizations in 24 countries, says Microsoft. The majority of the targets were located in the U.S. and included individuals such as former U.S. ambassadors.

The continued campaigns have had many in the cybersecurity industry – and SolarWinds investors – expressing concern.

Reuters reported on November 5 that SolarWinds investors have sued the company’s directors, alleging that they were aware of the potential for security breaches and failed to implement appropriate cybersecurity monitoring strategies.

“The lawsuit filed in Delaware on Thursday appears to be the first based on records shareholders demanded from the company after Reuters reported last December that malicious code inserted into one of the company's software updates left U.S. government agencies and companies exposed,” writes Jody Godoy.

Representatives of the U.S. government have said that offensive options are in place to defend against the SolarWinds attacks, but have not specified what those options are.

The lessons learned from these attacks will continue to have far-reaching impacts on the cybersecurity industry, national security efforts, and the business of creating software.


Photo from NPR.