Last week, a new and controversial report was published by one of the well-known companies in the field of IT software called Solar Windows (SolarWinds) has been hacked, affecting several companies. It was said at the time that the Russian government was probably behind the cyber-attacks on Solar Winds.
Importantly, the Treasury Department, the Department of Commerce, the State Department, the Department of Energy, and the United States Department of Homeland Security were hacked in cyber attacks on Solar Winds. Emails from two ministries may have been stolen during the cyberattacks.
Other government agencies and many companies are investigating recent cyberattacks; Because Windows Solar software is widely used. News Agency Wall street Journal A new report claims that a number of Big Tech companies have also been affected by the recent incident.
According to the Wall Street Journal, Cisco, Intel, Nvidia, Belkin, and VMware all have computers on their internal network that malware during cyber attacks on Solar Windows. They are infected. The number of large technology companies affected by recent cyber attacks is likely to be higher.
Solar Winds says “less than 18,000 companies” have been infected with malware. Following the cyber-attacks, the company tried to remove the list of its customers who used malicious software from its official website. A new Wall Street Journal report puts the hacking status of a number of SolarWinds clients from “probably” to “definitely”.
At present, all technology companies have reacted similarly to this issue and said that they are investigating; But they do not think that hacking SolarWinds software has infected their systems. However, experience (especially in 2016 and the case of the Democrat National Committee’s emails being hacked) suggests that understanding the effects of hacking may take a long time.
When hackers enter the system, it is difficult to talk about their complete exit from the system. As the news agency Associated Press “Once a hacker enters the network and leaves, we can not easily trust the security of the network,” he wrote in a special report. Because hackers usually create backdoors in the network so that they can infiltrate again later.
The SolarWinds file has different terms; Because it has affected a large number of companies to a very large extent, and the more worrying point is that the hacking process is still ongoing. It is said that the hacking of SolarWinds software started a few months ago.
Researchers have recently found another group of hackers who were able to break into SolarWinds through a similar bug. This cyber attack, known as the Supernova, was originally identified as part of the main attack (Sunburst); But researchers now believe that the supernova attack was carried out by a second group of hackers and is less complicated than it used to be.
Why hacker groups want to infiltrate the systems of large technology companies is a question that has several reasons, among which we can mention access to companies’ future plans to produce products or access to employee and customer information. Hackers can sell this type of information elsewhere or extort money from companies.
At the moment, it seems that most tech companies are not too worried, because hacker groups have originally sought access to information from government agencies using SolarWinds software. The US Computer Security Agency said following the media coverage of the SolarWinds incident that all government agencies should shut down SolarWinds systems immediately.
The head of Microsoft had previously announced details about the SolarWinds hack. Brad Smith He said at the time that he was on the side of a very large, complex and deadly attack. Reuters According to informed sources, the hackers used Microsoft cloud services to carry out part of the hacking process; The claim was rejected by the Redmondians.