A year ago today, security company FireEye made a shocking announcement. Highly skilled hackers had quietly entered the company’s network, planning their attack carefully to evade the company’s defenses. It was a thread that would lead into what is now called the SolarWinds hack, a Russian espionage operation that caused widespread harm.
To say that the SolarWinds attack was a wake-up call would be an understatement. It revealed how far the fallout can reach from a so-called supply chain attack, in which attackers compromise widely used software at its source, giving them the power to pass the compromise on to any user. In this case, it meant that Russian intelligence had the opportunity to gain access to 18,000 SolarWinds customers. They later broke into fewer than 100 networks, including those of Fortune 500 companies such as Microsoft and of the US Justice Department, State Department, and NASA.
Supply chain attacks are not new. But the scale of the SolarWinds crisis greatly raised public awareness, which spurred a sustained effort to improve security at technology companies and in the US government.
“If I don’t call on December 12, I will feel like I have won,” said SolarWinds President and CEO Sudhakar Ramakrishna. That is the day SolarWinds itself learned that Orion, its IT monitoring tool, was the source of the FireEye intrusion, and of what could ultimately be many more. Ramakrishna did not yet work for SolarWinds at the time, but was due to join the company on January 4, 2021.
Although this week marks the one-year anniversary of the SolarWinds discovery, the intrusion itself began earlier, in March 2020. Russia’s APT 29 hackers, also known as Cozy Bear, UNC2452, and Nobelium, spent months laying the groundwork. But that very gap shows the nature of software supply chain threats. The most difficult part of the operation is the preparation. If the staging phase goes smoothly, the attackers can flip a switch and gain access to multiple networks at the same time, all through trusted software that seems legitimate.
Across the security industry, experts told WIRED that the SolarWinds hack, also known as the Sunburst hack after the backdoor malware distributed via Orion, has raised awareness of the need for greater transparency about software and visibility into its reliability. There had certainly been other software supply chain attacks before December 2020, such as the compromise of the computer cleaning tool CCleaner and Russia’s distribution of the malicious NotPetya malware through the Ukrainian accounting program MEDoc. But for the US government and the tech industry, the campaign hit very close to home.
“It was a big change,” said Eric Brewer, vice president of Cloud Infrastructure. “Before I explained to the public that companies had a problem here, we had to deal with it, and I think it was understandable, but it was not very important. The attacks that people did not see directly were fictional.”
This awareness has also begun to translate into action, including the development of programs and methods for better coding. But it is slow work; the supply chain problem requires as many answers as there are types of software development.