Sections

ideals
Business Essentials for Professionals



SolarWinds' Market Dominance Used By Hackers For A Sprawling Spy Campaign


12/16/2020


SolarWinds' Market Dominance Used By Hackers For A Sprawling Spy Campaign
The extent to which SolarWinds had gone during his 11 years at the helm was touted by the company’s Chief Executive Kevin Thompson at an earnings call two months ago. Talking to analysts on the October 27 call, he had said that the Austin, Texas-based company was providing some level of monitoring or management or the other to virtually all databases or IT deployment model.
 
"We don't think anyone else in the market is really even close in terms of the breadth of coverage we have," he said. "We manage everyone's network gear."
 
But when sophisticated hackers subverted the systems and software of the workhorse that helps glue organizations together, the dominance of the company became a liability. 
 
The company announced on Monday that its flagship network management software called Orion had unwittingly become the conduit for a large international cyber-espionage operation. About 18,000 customers of the company were pushed malicious codes by hackers after they were inserted into the Orion’s software updates.
 
And even though it is now being claimed that number of companies and organization affected by the hacking was not as large as was being said previously, hackers had already gained access to servers of the company’s clients, including breaches into the United States departments of Treasury and Commerce.
 
According to reports, the prime suspect of the hacking was Russia even though reports have also claimed that it was too soon yet to come to any decision.
 
No executive from SolarWinds was willing to comment on the issue.
 
"We strive to implement and maintain appropriate administrative, physical, and technical safeguards, security processes, procedures, and standards designed to protect our customers," said the company in a statement issued on Sunday.
 
Gaining an understanding of the scope of the damage has not yet been possible for cyber security experts.
 
According to Kim Peretti, who co-chairs Atlanta-based law firm Alston & Bird's cybersecurity preparedness and response team, the hackers had inserted the malicious updates between March and June – a time when the US was reeling to control the first wave of novel coronavirus infections. Peretti said that the time was a "perfect timing for a perfect storm".
 
She added that it would be difficult to assess the damage of the cyberattack,
 
"We may not know the true impact for many months, if not more – if not ever," she said.
 
There was however more immediate impact of the hacking on SolarWinds. All who were using Orion were ordered by US official to disconnect the software immediately. Since Friday, when the news of the hack emerged, the shares of the company have dropped by more than 23 per cent to $18.06 from $23.50.
 
On the other hand, SolarWinds' security has been subjected to new scrutiny.
 
In a previously unreported incident, offers to sell access to SolarWinds' computers through underground forums were made by multiple criminals, according to reports quoting two researchers who had accessed those forums separately.
 
(Source:www.thestar.com)