SolarWinds' hack may be much worse than originally feared
SolarWinds' hack may be much worse than originally feared

The New York Times reported that the SolarWinds hacker, which targets the Russian government and targets US government agencies and private companies, may be worse than originally feared, affecting about 250 federal agencies and companies.

Microsoft said: Hackers have violated SolarWinds' Orion monitoring and management program and can impersonate all existing users and accounts in the organization, including users and accounts with higher privileges. high.

The New York Times said: Russia has used all levels of the supply chain to obtain the right to use agencies.

The report notes that the defense system has many flaws because in this case, the early warning systems implemented by the US Electronic Command and the US National Security Agency on foreign networks failed to detect potential attacks.

Moreover, the US government's interest in protecting the November elections from foreign hackers appears to have stolen resources and shifted its focus away from the software supply chain.

The attacks in the United States also appear to allow hackers to evade disclosures from the US Department of Homeland Security and impose legal restrictions on domestic espionage.

Microsoft announced earlier this week that its systems had been compromised, and not just malicious code from SolarWinds.

According to the software giant, hackers can see the source code in many repositories of code, but a compromised account that has been granted access cannot modify the code or the system.

Microsoft said: No evidence of access to production services or customer data was found, nor was there evidence that its systems were used to attack anyone.

The website in question itself may also play a role as investigators attempt to determine that the breach was the result of violations by SolarWinds in Eastern European countries such as Belarus, the Czech Republic and Poland.

Engineers there will benefit extensively from Orion's compromised network program, and Russia will become more familiar with the region.

According to the report, SolarWinds is making slow progress in addressing security concerns and is ignoring Counselor (Ian Trump) Ian Trump's call for more active internal protection.

Mark Warner, a senior member of the Senate Intelligence Committee, told The Times: The hack looks a lot worse than he originally feared.

He added: The extent of SolarWinds penetration in Russia is increasing, and it is clear that the US government has misjudged the extent of penetration from the start.

The full extent of this damage is currently uncertain and it may take months or more to determine how the damage occurred, and most importantly, how much damage was done.

Previous Post Next Post