SolarWinds hack

The “SolarWinds hack” was a major cybersecurity breach that occurred in 2020, affecting the United States federal government and many other fortune-500 companies.

Initial vector for the attack was a company known as SolarWinds, an American company that develops software for businesses to help them manage their systems and networks.

The attack started no later than March 2020 and went undetected for months. It was first publicly reported on December 13, 2020

Federal investigators and cybersecurity experts have said Russia’s Foreign Intelligence Service (SVR) is probably responsible for the attack, and there are signs China carried out a simultaneous attack operation as well.

References

• The Guardian. “SolarWinds Hack Was Work of ‘at Least 1,000 Engineers’, Tech Executives Tell Senate,” February 24, 2021.
• Volz, Robert McMillan and Dustin. “Suspected Russian Hack Extends Far Beyond SolarWinds Software, Investigators Say” Wall Street Journal, January 29, 2021.
• Staff, Reuters. “SolarWinds Hack Was ‘largest and Most Sophisticated Attack’ Ever: Microsoft President” Reuters, February 15, 2021.
• “2020 United States Federal Government Data Breach” In Wikipedia, February 27, 2021.
• CNN, Brian Fung and Geneva Sands. “Former SolarWinds CEO Blames Intern for ‘solarwinds123’ Password Leak” CNN. Accessed February 28, 2021.
• Goodin, Dan. “Chinese Hackers Targeted SolarWinds Customers in Parallel with Russian Op” Ars Technica, March 9, 2021.