Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
Editorials & Other Articles
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Hackers targeted SolarWinds earlier than previously known
Source: Associated Press
Hackers targeted SolarWinds earlier than previously known
By ERIC TUCKER
May 20, 2021
WASHINGTON (AP) — The hackers who carried out the massive SolarWinds intrusion were in the software company’s system as early as January 2019, months earlier than previously known, the company’s top official said Wednesday.
SolarWinds had previously traced the origins of the hack to the fall of 2019 but now believes that hackers were doing “very early recon activities” as far back as the prior January, according to Sudhakar Ramakrishna, the company’s president and CEO.
“The tradecraft that the attackers used was extremely well done and extremely sophisticated, where they did everything possible to hide in plain sight, so to speak,” Ramakrishna said during a discussion hosted by the RSA Conference.
The SolarWinds hack, which was first reported last December and which U.S. officials have linked to the Russian government, is one in a series of major breaches that has prompted a major cybersecurity focus from the Biden administration. By seeding the company’s widely used software update with malicious code, hackers were able to penetrate the networks of multiple U.S. government agencies and private sector corporations in an apparent act of cyberespionage. The U.S. imposed sanctions against Russia last month.
Also Wednesday, Ramakrishna apologized for the way the company blamed an intern earlier this year during congressional testimony for poor password security protocols. That public statement, he said, was “not appropriate.”
-snip-
By ERIC TUCKER
May 20, 2021
WASHINGTON (AP) — The hackers who carried out the massive SolarWinds intrusion were in the software company’s system as early as January 2019, months earlier than previously known, the company’s top official said Wednesday.
SolarWinds had previously traced the origins of the hack to the fall of 2019 but now believes that hackers were doing “very early recon activities” as far back as the prior January, according to Sudhakar Ramakrishna, the company’s president and CEO.
“The tradecraft that the attackers used was extremely well done and extremely sophisticated, where they did everything possible to hide in plain sight, so to speak,” Ramakrishna said during a discussion hosted by the RSA Conference.
The SolarWinds hack, which was first reported last December and which U.S. officials have linked to the Russian government, is one in a series of major breaches that has prompted a major cybersecurity focus from the Biden administration. By seeding the company’s widely used software update with malicious code, hackers were able to penetrate the networks of multiple U.S. government agencies and private sector corporations in an apparent act of cyberespionage. The U.S. imposed sanctions against Russia last month.
Also Wednesday, Ramakrishna apologized for the way the company blamed an intern earlier this year during congressional testimony for poor password security protocols. That public statement, he said, was “not appropriate.”
-snip-
Read more: https://apnews.com/article/hacking-business-technology-government-and-politics-b221968496ed498457ab56aae7970c90