Thousand of customers may have had their data compromised in the SolarWinds hack attack that’s come to light over the past few days.
The hackers used their access to SolarWinds’ software to access organisations using the Orion platform.
While the full scope of the hack is not yet known, the cyber criminals behind it has been able to tap in to the data streams of 425 of the Fortune 500 companies as well as several government agencies, according to The Guardian.
SolarWinds has over 300,000 customers around the globe.
The U.S. Treasury and Commerce departments were among the many governmental agencies affected by the hack, The Wall Street Journal reported.
The attack was first uncovered by cybersecurity firm FireEye during the process of investigating a breach of its own. It seems as if the hackers were able to install malware that was then in place in updates to SolarWinds’ platform introduced between March and June this year.
SolarWinds has released a statement acknowledging the breach, saying that its Orion platform has fallen victim to “a highly sophisticated, manual supply chain attack” and that the firm has “been advised this attack was likely conducted by an outside nation state”.
Sources speaking with the Washington Post have linked the breach to Russian state-run hacking group called APT29. FireEye has not confirmed the name, but several sources ZDNet spoke with suggested that APT29 were likely behind the breach.
Several of the sources speaking with The Wall Street Journal described the hack as “among the most potentially worrisome cyberattacks in years, because it may have allowed Russia to access sensitive information from government agencies, defence contractors and other industries.”
Copyright © 2018 RegTech Analyst
