The cyber-attacks on SolarWinds affected thousands of companies, including major technology companies such as Intel and Nvidia. Last week, a new and controversial report was published in various media and networks. According to the report, SolarWinds, a well-known IT software company, was attacked and its systems were hacked. The attacks also affected the systems of several other companies. It was said at the time that the Russian government was probably behind the cyber-attacks.
Importantly, the cyber-attacks targeted systems at the Treasury Department, the Department of Commerce, the State Department, the Department of Energy, and the United States Department of Homeland Security. Emails from two departments may also have been stolen during the cyber-attacks.
Other government agencies and many companies are investigating the recent cyber-attacks, because SolarWinds software is widely used. The Wall Street Journal claims in a new report that a number of big tech companies have also been affected by the recent incident.
According to the Wall Street Journal, Cisco, Intel, Nvidia, Belkin, and VMware all have computers on their internal network that have been infected with malware during cyber-attacks on SolarWinds. The number of large technology companies affected by recent cyber-attacks is likely to be higher.
SolarWinds says “less than 18,000 companies” have been infected with malware. After the cyber-attacks, the company tried to remove from its official website the customers who had used the malware-infected software. A new Wall Street Journal report makes the hacking of a number of major SolarWinds customers “likely” from “definitely”.
At present, all technology companies have reacted similarly to this issue and said that they are investigating, but they do not think that the hacking of SolarWinds software has infected their systems. However, experience shows that understanding the effects of a hack may take a long time.
Once hackers have entered a system, it is difficult to say that they have left it completely. As the Associated Press notes in a special report, once a hacker enters the network and leaves, we cannot easily trust the security of the network, because hackers generally create backdoors in the network so that they can infiltrate again later.
The SolarWinds case is different, because it has affected a large number of companies on a very large scale, and the more worrying point is that the hacking is still going on. The hacking of SolarWinds software is said to have started a few months ago.
Researchers have recently found another group of hackers who were able to break into SolarWinds through a similar bug. This cyber-attack, known as Supernova, was originally identified as part of the main attack, but researchers now believe that the Supernova attack was carried out by a second group of hackers and is less complicated than the previous one.
There are several reasons why hacker groups want to infiltrate the systems of large technology companies, among them access to companies' future plans for producing products or access to employee and customer information. Hackers can sell this type of information elsewhere or extort money from companies.
At the moment, it seems that most tech companies are not too worried, because hacker groups have been seeking access to information from government agencies using SolarWinds software. Following the media coverage of the SolarWinds incident, the US Computer Security Administration announced that all government agencies should shut down their SolarWinds systems immediately.
The head of Microsoft had previously announced details about the SolarWinds hack. Brad Smith said at the time that we were dealing with a very large, complex, and deadly attack. Reuters quoted informed sources as claiming that the hackers had used Microsoft’s cloud services to carry out part of the hacking process; the claim was rejected by the Redmondians.