- #Solarwinds security vulnerability update#
- #Solarwinds security vulnerability code#
- #Solarwinds security vulnerability professional#
That is, it took more than half a year since the SolarWinds attack was launched until it was discovered. In addition, one of the factors contributing to the massive damage of an attack lies in the delay in detecting the behavior of this hacker group.
Therefore, by analyzing the nature and characteristics of large-scale cyber-attacks like SolarWinds hack, this proposal will recommend possible precautions to prevent similar attacks from occurring as much as possible in the future. Given the severity of a large-scale attack, concentrating resources on security agenda enhancement measures should be a top priority in the security agenda. The serious large-scale attack on SolarWinds has signaled the possibility of cyber warfare becoming more present and fierce than ever. Although believed to have originated and backed by another country-Russia, hackers launched attacks from within the United States. Īccording to Deputy National Security Advisor for Cyber and Emerging Technology, Anne Neuberger, as of February 17, 2021, at least nine federal agencies and more than one-thousand private companies have been affected by the attack. The attack was completely undetected until December 13, 2020, by FireEye – a direct victim of the cyberattack.
#Solarwinds security vulnerability code#
However, it was not until February 2020 that the intrusion and distribution of malicious code began to be carried out.
#Solarwinds security vulnerability update#
Aiming at a very normal activity of service users, which is software updates, hackers began to try to insert malicious code into the SolarWinds Orion Platform software update from the end of 2019.
#Solarwinds security vulnerability professional#
The attack was carried out in a very methodical manner with the participation of more than 1000 professional engineers believed to be sponsored by Russia. SolarWinds has made a statement that up to 18,000 out of more than 300,000 of their customers were infected with malicious code. SolarWinds network and security products, as of the time of the attack, were used by more than 300,000 major customers worldwide, including various Fortune 500 companies, major telecom companies, military and government organizations such as the Pentagon, the United States Aeronautics and Space Administration (NASA), National Security Agency (NSA), State Department, Justice Department, and even the Executive Office of the President. The attack was conducted through SolarWinds, a large and reputable US cybersecurity company headquartered in Texas. In the late 2020 and early 2021, while strained by the Covid-19 pandemic and preparing for the transfer of power following the presidential election, the United States admitted that it suffered the biggest cyber-attack ever in terms of sophistication and extent of impact.
0 kommentar(er)
