The US government was hacked. On December 13, the world learned of hackers believed to be working for Russia who has been monitoring internal email traffic at the US Treasury Department and an agency that decides internet and telecommunications policy. Referred to as “a sophisticated hacking group” backed by “a foreign government” the hackers were able to breach US government entities by first attacking SolarWinds IT, a leading provider of IT infrastructure management software with over 300,00 customers.
According to their website, its customers include most of America’s Fortune 500 companies, all top ten US telecommunications providers, all five branches of the U.S. military, the State Department, the National Security Agency, and the Office of President of the United States.
By compromising the software used by government entities and corporations to monitor their network, hackers were able to access their network while appearing as legitimate traffic.
So far, more than 25 entities have been victimised by the attack, according to people familiar with the investigations. But SolarWinds says as many as 18,000 entities may have downloaded the malicious trojan. The hackers compromised the SolarWinds server that sends updates so that any time a customer checks in to request an update, the hackers could connect to that update to gain access into a victim’s system.
Companies such as FireEye Inc. discovered that they were hacked this month. They immediately started to investigate the matter and figure out how attackers got past their cybersecurity defense. If the hackers did not attack FireEye, there is a chance the attack could have gone on for much longer, according to a FireEye executive. FireEye looked through 50,000 lines of source code to discover the SolarWinds backdoor.
Unfortunately, there will be more companies who will victims over the next weeks and months. This is an international cybersecurity attack on a scale never seen before and it is a huge sign that the threats and sophistication are not slowing down. If the US Government can be hacked so can your business. To put it into perspective, over 2/3 (67%) of Australian organisations have suffered a ransomware attack in the last 12 months representing 10% points above the global average of 57%.
We urge you to work with an experienced business cyber security expert now before you become a victim of an attack. Contact us today to discuss Managed Security Services, Penetration Testing Services, Cyber Incident Response Services and more.