The massive SolarWinds hack and the future of cyber espionage
In December 2020, cybersecurity firm FireEye discovered that it had been compromised by a sophisticated hack. SolarWinds, an IT firm that FireEye used, was the victim of a supply chain attack that gave hackers access to potentially thousands of targets, including FireEye.
“The SolarWinds hack was and really is and continues to be one of the biggest espionage campaigns recently discovered,” said Thomas Rid, a professor of strategic studies at Johns Hopkins University.
Microsoft, Google and several U.S. government agencies were among those compromised by the intrusion.
“What’s unique about this or special about this particular intrusion is that they use the access they got by compromising SolarWinds itself to insert malware into the build process,” said Jacob Williams, founder of Rendition InfoSec. “This then allowed them to target SolarWinds [and] customers that deployed this back door update.”
The repercussions of the SolarWinds hack are still being unraveled. As the Biden administration settles in, it will have to contend with the aftermath of this hack, and also work to prevent future security lapses that can endanger national security.
How were hackers able to compromise so many key U.S. companies and government agencies, and how can the U.S. prevent this from happening again? Watch the video above to find out.