Let’s begin with the scale of the hack. SolarWinds was a prime vendor to tens of thousands of clients, including hundreds of Fortune 500 enterprises and nearly the entire US government. It says at least 18,000 entities were affected.
SolarWinds provides an important service: ensuring that software versions are updated in a timely and efficient manner for their clients. This gave it access to customers‘ entire networks and databases. By breaking into SolarWinds, the hackers -- allegedly the Russian unit known as Cozy Bear -- had instant access to that huge roster of firms.
To use a military analogy, the initial attack on SolarWinds was a carpet-bombing, which had immediate (if undetected) effects across the entire field of battle. What happened next was more pernicious: A series of precision-guided strikes directed at top cybersecurity firms such as FireEye, and at key nodes throughout the US infrastructure. This included financial institutions, utilities (disclosure: I serve on the board of a public utility, American Water), defense companies and government entities including the Departments of Homeland Security, State and Commerce.
The scale of the attack is breathtaking, and there is still a great deal we are uncertain about. This is partly because of the sophistication and level of resources available for the hackers (Cozy Bear allegedly has Kremlin support) and because there is still a limited culture of sharing the results of hacks between elements of the public and private sector.
Unlike ..
Support the originator by clicking the read the rest link below.
