Charles CooperConsulting Editor
The RSA Conference 2021 Virtual Experience is happening May 17-20 and Symantec, as a division of Broadcom, will be providing a summary of some of the leading stories from the conference to help you stay informed.
SolarWinds CEO Sudhakar Ramakrishna revised the timetable of a major breach of the company’s computer systems, suggesting that hackers believed to be working on behalf of the Russian government launched their attack against the company about half a year earlier than initially believed.
The narrative until now was that attackers first compromised SolarWinds systems in September of 2019 and remained undetected until December 2020.
“What we have found more recently is that the attackers may have been in an environment as early as January, 2019,” said Ramakrishna, who offered more details about the hack during an appearance at the RSA Conference 2021. “As we look back, they were doing very early recon activities in January of 2019, uh, which explains what they were able to do in September, October of 2019 as well.
“The tradecraft that the attackers used was extremely well done and extremely sophisticated, where they did everything possible to hide in plain sight, so to speak,” Ramakrishna added.
The damage is still being sorted out on what experts say rates as one of the biggest cyber attacks in American history. Hackers believed to be working on behalf of Russia penetrated SolarWinds' systems and then injected malicious code into the company's code.
That proved problematic because approximately 33,000 customers rely on SolarWinds' "Orion" system to manage their IT resources. As SolarWinds sent software updates to customers, the infected code created a backdoor that the attackers were able to use to spy or install more malware. SolarWinds’ customers include a variety of U.S. government agencies such as the Homeland Security Department and State Department as well as IT ..
Support the originator by clicking the read the rest link below.
