Recently, news of a hack in the US has been making quite a lot of noise. It is believed to have started earlier this year, in March, when malicious code was snuck into updates of software called Orion, made by a company called SolarWinds, which provides network-monitoring and other related services to hundreds of thousands of organisations around the world. This malware gave the perpetrators remote access to an organisation’s networks. Because it took months to uncover, the hackers are believed to have had a decent window to extract information from the targets, including by monitoring email and other internal communications.
The first word came out when a leading cybersecurity firm in the US, FireEye, announced it had been breached and some of its most valuable tools were stolen.
‘The malware turns out to have been embedded in what appeared to be a software-update message from SolarWinds, sent through SolarWinds servers with a valid digital signature. This sort of attack—which is particularly pernicious because it makes users reluctant to download legitimate software updates—is known as a “software supply-chain attack.”’ … ‘The Russian hackers in this case—members of a team known as APT29 or “Cozy Bear”—were sophisticated in another way. They didn’t pounce and start accessing or exfiltrating data right after the victim downloaded the malware. Instead they waited, in some cases for weeks or months, so that if the malware was detected, it would be very hard for an analyst to examine the logs and trace where or when it was inserted.’ – Slate Magazine.
The attack has apparently breached 18,000 computer networks, including those of at least six federal agencies of the US government. US President Donald Trump earlier downplayed the incident, saying “The Cyber Hack is far greater in the Fake News Media than in actuality”.