The ‘SolarWinds’ cyberattack on the US government and various private firms across the globe is one of the biggest ‘supply-chain’ attacks to have come to light in recent times. The attack first came to light on December 8, when cybersecurity firm FireEye found itself under attack. More revelations have surfaced since then. The attack is said to be one of the largest and to be global in nature. However, the main target seems to be the US government. This week Microsoft also issued a statement, saying it had found evidence in its networks of the malware used to target the SolarWinds software. Recently, Cisco also confirmed that it had come under cyberattack.
According to FireEye, the manner in which the attack was carried out marked it as a supply-chain attack. The attackers, it said, had access to cutting-edge capabilities and were tremendously focused. They were bent on targeting the firms that supply software to the US government and other private companies. The hackers attacked software called Orion, an IT management product designed by a Texas-based firm called SolarWinds. FireEye has named the malware ‘Sunburst’; it was added to an update for Orion, and 17,000 SolarWinds customers then installed the update.
The attack appears to have been a long operation that carried on secretly for many months. According to FireEye, the campaign started in the spring of 2020. According to SolarWinds, the cyber-espionage campaign started in March 2020 and went unnoticed for many months. FireEye discovered that something was wrong only when it came under attack itself and its own cybersecurity tools were stolen, at which point it began investigating the attack.