7 Things We Know So Far About the SolarWinds Attacks7 Things We Know So Far About the SolarWinds Attacks
Two months after the news first broke, many questions remain about the sophisticated cyber-espionage campaign.
February 11, 2021
Nearly two months after news surfaced about software updates from SolarWinds being used to distribute a backdoor Trojan called Sunburst/Solorigate to some 18,000 organizations worldwide, troubling questions remain about the scope and impact of the breach.
The campaign, which the US government and others have described as a highly sophisticated espionage operation by a Russia-backed group, has raised broad fears of sensitive data being stolen from several US government agencies and large companies.
In addition, there are considerable fears that the attackers may have gained deep, persistent, and almost undetectable access on networks belonging to numerous organizations in sectors including manufacturing, industrial, construction, and logistics. Some believe it will take months for victims to ensure they have truly eradicated the threat from their networks.
The incident has resurfaced old concerns over supply chain vulnerabilities and some new ones over the ability of even the best security tools and controls to detect highly targeted attacks. The fact that some of the campaign's victims include top technology firms such as Microsoft and security vendors like FireEye has not helped.
On Tuesday, concerns over the breach prompted members of the US Senate Intelligence Committee to send a letter to leaders of the intelligence community asking for a more coordinated response at the federal level. The letter, signed by Sens. Mark Werner (D-Va.) and Marco Rubio (R-Fla.), expressed concern over the "disjointed and disorganized" US response to the incident so far and called for the appointment of a "clear leader" to head the effort going forward.
"The threat our country still faces from this incident needs clear leadership to develop and guide a unified strategy for recovery," the two lawmakers wrote, noting the fact that numerous federal agencies and thousands of private-sector entities had been impacted.
Here is a recap of what is known — and unknown — about the campaign to date.
About the Author(s)
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks
How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment