Here’s a simple explanation of how the massive SolarWinds hack happened and why it’s such a big deal.
- SolarWinds is a major IT firm that provides software for entities ranging from Fortune 500 companies to the US government.
- Reuters first reported that SolarWinds was the subject of a massive cybersecurity attack that spread to the company’s clients.
- The breach went undetected for months, and could have exposed data in the highest reaches of government, including the US military and the White House.
- Here’s a simple explanation of what happened and why it’s important.
Foreign hackers, who some top US officials believe are from Russia, were able to use the hack to spy on private companies like the elite cybersecurity firm FireEye and the upper echelons of the US Government, including the Department of Homeland Security and Treasury Department.
Here’s a simple explanation of how the massive breach happened, and why it matters.
An unusual hack
Earlier this year, hackers secretly broke into Texas-based SolarWind’s systems and added malicious code into the company’s software system. The system, called “Orion,” is widely used by companies to manage IT resources. Solarwinds has 33,000 customers that use Orion, according to SEC documents.
Most software providers regularly send out updates to their systems, whether it’s fixing a bug or adding new features. SolarWinds is no exception. Beginning as early as March, SolarWinds unwittingly sent out software updates to its customers that included the hacked code.
The code created a backdoor to customer’s information technology systems, which hackers then used to install even more malware that helped them spy on companies and organisations.