There’s been a lot of news recently about Russia hacking the U.S. While the situation is evolving daily, here’s what we know so far, whether you should be concerned, and where to find more information.
What Happened
Between March and June 2020, a company called SolarWinds was hacked. SolarWinds produces systems management tools — tools that help IT folks manage their computer networks, servers, workstations, and other devices. The hacker planted malicious software in SolarWinds’ Orion network management software. So, every time a customer downloaded SolarWinds Orion software, the customer got an “infected” version.
The infected version gives the hacker a backdoor into those companies’ networks — estimated to be about 18,000 government agencies and businesses. Once the hacker gets into those networks, they can steal information, run malicious programs like ransomware, reboot devices, and disable running programs. They would basically “own” the network.
Read more about the attack from CISA
This is a Big Deal
This type of attack and the malicious software are very sophisticated. “Everyday” hackers don’t generally have the skills or resources to create and conduct this type of attack. Cybersecurity professionals strongly suspect that a nation state, like Russia, is behind the attack. But there’s been no official statement identifying the hacker.
Should You Be Concerned?
If you’re not using the affected SolarWinds software, then you’re not at risk from this attack. If you use a third party or vendor to manage your computer systems, check with them.