SolarWinds, a major US information technology firm, was the subject of a cyberattack that spread to its clients and went undetected for months, Reuters first reported last week. Foreign hackers, who some top US officials believe are from Russia, were able to use the hack to spy on private companies like the elite cybersecurity firm FireEye and the upper echelons of the US Government, including the Department of Homeland Security and Treasury Department.
Here's a simple explanation of how the massive breach happened, and why it matters.
An unusual hack
Earlier this year, hackers secretly broke into Texas-based SolarWind's systems and added malicious code into the company's software system. The system, called "Orion," is widely used by companies to manage IT resources. Solarwinds has 33,000 customers that use Orion, according to SEC documents.
Most software providers regularly send out updates to their systems, whether it's fixing a bug or adding new features. SolarWinds is no exception. Beginning as early as March, SolarWinds unwittingly sent out software updates to its customers that included the hacked code.
The code created a backdoor to customer's informat ..
Support the originator by clicking the read the rest link below.