30% of ‘SolarWinds’ Victims Didn’t Actually Use SolarWinds Software, Officials Say

The hacker group behind the SolarWinds The scandal has found other ways to encroach on US companies and public agencies than to simply compromise the incumbent software company. In fact, almost a third of hack victims, or around 30%– have no connection with SolarWinds, a senior federal security official said this week.

Brandon Wales, Acting Director of the Cybersecurity and Infrastructure Security Agency, told the Wall Street Journal that the hackers “gained access to their targets in different ways” and that it “is absolutely correct that this campaign should not be viewed as the SolarWinds campaign”.

Indeed, the cybersecurity scandal – which turned out to be the largest in the history of the United States—Unfortunately, it became known as “SolarWinds” after hackers used malware to infiltrate the company and its customers using its popular Orion software, an IT management program commonly used by government agencies .

But, as was previously reported, hackers seem to have leveraged a multitude of strategies to break through American entities – not just by hacking Orion. This included exploit poorly secured administrative credentials, pulverize passwords and even, apparently, just guess passwords. They also compromised other independent companies in the SolarWinds supply chain, such as Microsoft, FireEye and Malwarebytes, and also appear to have used Microsoft’s cloud-based Office software to access certain government agencies.

Indeed, investigators are still unraveling the path of the hackers and the route they took as they made their way to a vital US supply chain. The Wall Street Journal reports:

SolarWinds itself is investigating whether Microsoft’s cloud was the initial point of entry for hackers into its network, according to someone familiar with the SolarWinds investigation, who said it was one of many. theories pursued.

Hacking affected a worrying number powerful federal agencies, including the Department of Defense, Federal Justice, Treasury, Commerce, Labor, and State Departments, the DOJ, and the National Nuclear Security Administration (NNSA), which is responsible for securing the US nuclear stock, among others.

President Joe Biden has sworn to punish the guilty– saying recently that it would ensure “substantial costs” to those responsible. He also promised to invest more heavily in efforts to secure federal agencies and said he would do cybersecurity a more central and strategic part of his presidency than its predecessor.

The US government tentatively blamed Russia for the hacking, publish a statement earlier this month in which he stated that “an Advanced Persistent Threat (APT) actor, presumably of Russian origin, is responsible for most or all of the recently discovered and ongoing cyber compromises of government and non-government networks.” ”

However, some private companies have been more careful with the award. Benjamin Reed, the threat intelligence director at FireEye (who was also hacked by the same actor) recently said he had “Did not see enough evidence” to determine if the actor was from Russia, although he called it “plausible.” Russia has denied any responsibility.