HomeLatest ThreadsGreatest ThreadsForums & GroupsMy SubscriptionsMy Posts
DU Home » Latest Threads » Forums & Groups » Main » Editorials & Other Articles (Forum) » Russian hackers exploited...

Sat Apr 17, 2021, 09:57 AM

Russian hackers exploited gaps in U.S. defenses and spent months in government and corporate network




A 'Worst Nightmare' Cyberattack: The Untold Story Of The SolarWinds Hack
Russian hackers exploited gaps in U.S. defenses and spent months in government and corporate networks in one of the most effective cyber


?s=20




A 'Worst Nightmare' Cyberattack: The Untold Story Of The SolarWinds Hack


https://www.npr.org/2021/04/16/985439655/a-worst-nightmare-cyberattack-the-untold-story-of-the-solarwinds-hack

April 16, 202110:05 AM ET



An NPR investigation into the SolarWinds attack reveals a hack unlike any other, launched by a sophisticated adversary intent on exploiting the soft underbelly of our digital lives.

Zoë van Dijk for NPR


....................................

"This release includes bug fixes, increased stability and performance improvements."
..................................


Last spring, a Texas-based company called SolarWinds made one such software update available to its customers. It was supposed to provide the regular fare — bug fixes, performance enhancements — to the company's popular network management system, a software program called Orion that keeps a watchful eye on all the various components in a company's network. Customers simply had to log into the company's software development website, type a password and then wait for the update to land seamlessly onto their servers.

The routine update, it turns out, is no longer so routine.


Hackers believed to be directed by the Russian intelligence service, the SVR, used that routine software update to slip malicious code into Orion's software and then used it as a vehicle for a massive cyberattack against America.
Article continues after sponsor message

"Eighteen thousand [customers] was our best estimate of who may have downloaded the code between March and June of 2020,"


.....................................
..........................................

NPR's months-long examination of that landmark attack — based on interviews with dozens of players from company officials to victims to cyber forensics experts who investigated, and intelligence officials who are in the process of calibrating the Biden administration's response — reveals a hack unlike any other, launched by a sophisticated adversary who took aim at a soft underbelly of digital life: the routine software update. ................................

1 replies, 1158 views

Reply to this thread

Back to top Alert abuse

Always highlight: 10 newest replies | Replies posted after I mark a forum
Replies to this discussion thread
Arrow 1 replies Author Time Post
Reply Russian hackers exploited gaps in U.S. defenses and spent months in government and corporate network (Original post)
riversedge Apr 17 OP
Chin music Apr 17 #1

Response to riversedge (Original post)

Reply to this thread