The SolarWinds Hack
Posted: Apr 06, 2021
The Current State
U.S.-based tech company SolarWinds was the victim of a hacking breach that began in March of last year. When it sent updates to customers, the company was unaware that its software had been compromised, so many customers received hacked code. This led to its products being weaponized by hackers and used to encroach on data from federal agencies, including the Department of Defense, and from other U.S. companies such as Microsoft and VMware.
How it started
From March to June 2020, two updates for SolarWinds’ Orion IT administration software were shipped containing malware that hackers had inserted, unknown to the company, to spy on customers. Later, in December, the cybersecurity company FireEye disclosed that hackers had broken into its network as well. On December 11, FireEye discovered that SolarWinds had also been attacked and alerted the CEO of SolarWinds, realizing that the two companies had been targeted by the same attack. The next day, an emergency White House meeting was held to address breaches that had occurred across multiple government agencies and businesses. The Cybersecurity and Infrastructure Security Agency advised all federal agencies to shut down their SolarWinds Orion products due to the security threat.
What does it do?
Using the malware placed in the SolarWinds Orion product, the attacker can gain entry to the network, where they are then able to use administrative permissions and impersonate the organization’s existing users and accounts, giving the hacker access to confidential credentials and sensitive data. The malware is designed to be stealthy: it can operate while disguised as normal activity and can even identify anti-virus software that may threaten it. After its initial breach, the malware can add new admin privileges to ensure long-term access. Through this, hackers have been able to intrude on multiple U.S. government networks and private systems around the world. As of now, nine federal agencies and about 100 private sector companies have been compromised.
As of now, the primary suspects in these multiple hacking breaches are presumed to be based out of Russia, and include four different organizations. During a February 14 interview, Microsoft President Brad Smith stated that the cyber attacks are still ongoing, and that “it's probably fair to say that this is the largest and most sophisticated [cyber] attack the world has ever seen.” Chris Inglis, deputy director of the National Security Agency for seven years, also stated that it’s hard to be sure whether the virus is completely out of computer systems or not, unless you get rid of all of the affected computers and components altogether. New companies are continuing to face ongoing security breaches and are currently attempting to slow the spread of the computer virus to other organizations.
ClinTech Systems specializes in healthcare and business information technology. We are the leading experts in HIPAA, PHI software compliance, integration of CRM, EMR, HRIS, Data Relays, Office 365, and managed information technology systems, and we offer CIO consultation to increase efficiency and enhance productivity. Our staff is highly focused on leading strategic innovations, troubleshooting complex problems, and building bulletproof solutions.