The Solar Winds Hack.
The maker of software that is used in the highest echelons of gov, including the White House and NSA, was compromised by attackers who slipped malicious code into the software maker’s trusted code without the software maker knowing it. The code got distributed to its customers.
The software is also used by election voting companies.
That malicious code, once it infected customer systems, opened a backdoor into those systems and contacted the hackers to let them know the door was open for them to surreptitiously enter those systems and begin stealing sensitive data on those networks.
The hackers did this back in March and their activity was only recently discovered – this means they have been inside gov systems all these months stealing data and spying on gov workers without anyone knowing until now. They also infected telecoms and other company networks.
Here is a list of some of the customers who use the software made by the software maker (their name is SolarWinds). All of these were potentially compromised.
This is a national security hack conducted by a nation-state (Russia) and focused on high-value targets/data. While it’s possible yr personal data could have been compromised, it’s more likely not what the hackers were after.
CISA, on Dec. 13, issued a rare emergency directive instructing federal civilian agencies to review their networks and immediately power down SolarWinds products, saying the hack “poses unacceptable risks to the security of federal networks.”
It appears it’s not likely to directly affect everyday Americans like us. But it’s hard to know at this point without knowing which systems were infected and what the hackers did on them. Hopefully, that will come out over the next weeks and months.
Leave a Reply