Approximately 100 US companies and nine government agencies were affected by a hack using SolarWinds’ Orion software, blamed for “Russian hackers.” The real scale of the cyberattack became known during the hearings of the US Senate, The Guardian reports.
According to Microsoft President Brad Smith, SolarWinds has been hacked by “at least 1,000 very skilled, very capable programmers.” “This is the largest and most complex operation we’ve seen,” Smith told Senators.
The head of Microsoft compared SolarWinds software to a healthcare system. According to him, the hacking of this program by the attackers was akin to the robber turning off the alarm for all residents instead of only one apartment where he wanted to enter. “Everyone’s safety is at stake. This is what we are facing,” Smith said. He added that attackers could use up to a dozen different methods to infiltrate their victims’ networks.
On December 14, Reuters reported that Russian hackers allegedly carried out an attack on the US Department of Homeland Security and gained access to internal communications in the department. At the same time, the attack was noticed only after almost a year – after about nine months. The attack was part of a campaign that also hacked into the systems of the US Treasury and the National Telecommunications and Information Administration. Moscow denies accusations of hacker attacks on American departments and considers them unfounded.