Hackers targeted SolarWinds earlier than previously known

Hackers targeted SolarWinds earlier than previously known

The company’s top official said on Wednesday that the hackers who perpetrated large-scale SolarWinds intrusions were months before the software company was known in early January 2019.

SolarWinds first traced the origins of the hack until the fall of 2019, but now believes the hackers were doing “very early reconstruction activities” as before January, according to the company’s president and CEO, Sudhakar Ramakrishna .

Ramakrishna said during a discussion organized by the RSA conference, “The tradecraft the attackers used was very well done and extremely sophisticated, where they tried everything possible to hide in plain sight.”

The SolarWinds hack, first reported last December and linked to the Russian government by US authorities, is one of a series of major breaches that prompted a major cyber security focus from the Biden administration.

By combining the company’s widely used software updates with malicious code, hackers were able to sneak into the networks of several US government agencies and private sector corporations in an apparent act of cyber espionage. The United States imposed sanctions on Russia last month.

Also on Wednesday, the company apologized for blaming an intern earlier this year during Ramakrishna’s congressional testimony for the poor password protection protocol. That public statement, he said, was “not fair.”

He said, “I have long held a belief system and an attitude that you never kill failure. You want your employees, including interns, to make mistakes and learn from those mistakes and together we become better.” “Obviously you don’t want to repeat the same mistake over and over. You want to improve.”

SolarWinds first traced the origins of the hack until the fall of 2019, but now believes the hackers were doing “very early reconstruction activities” as before January, according to the company’s president and CEO, Sudhakar Ramakrishna .

Ramakrishna said during a discussion organized by the RSA conference, “The tradecraft the attackers used was very well done and extremely sophisticated, where they tried everything possible to hide in plain sight.”

The SolarWinds hack, first reported last December and linked to the Russian government by US authorities, is one of a series of major breaches that prompted a major cyber security focus from the Biden administration.

By combining the company’s widely used software updates with malicious code, hackers were able to sneak into the networks of many US government agencies and private-sector corporations in an apparent act of cyber-espionage. The United States imposed sanctions on Russia last month.

Also on Wednesday, the company apologized for blaming an intern earlier this year during Ramakrishna’s congressional testimony for the poor password protection protocol. That public statement, he said, “was not appropriate.”

Leave a Reply