

Hackers who breached federal agency networks through software made by a company called SolarWinds appear to have conducted a test run of their broad espionage campaign last year, according to sources with knowledge of the operation.

The hackers distributed malicious files from the SolarWinds network in October 2019, five months before previously reported files were sent to victims through the company’s software update servers. The October files, distributed to customers on Oct. 10, did not have a backdoor embedded in them, however, in the way that subsequent malicious files that victims downloaded in the spring of 2020 did, and these files went undetected until this month.

“We’re thinking they wanted to test whether or not it was going to work and whether it would be detected. So it was more or less a dry run,” a source familiar with the investigation told Yahoo News. “They decided to not go out with an actual backdoor right away. That signifies that they’re a little bit more disciplined and deliberate.”

The October files were discovered in the systems of several victims, but investigators have so far found no signs that the hackers engaged in any additional malicious activity on those systems after the files landed on them.

Five months later, the hackers added new malicious files to the SolarWinds software update servers that got distributed and installed on the networks of federal government agencies and other customers. These new files installed a backdoor on victim networks that allowed the hackers to directly access them. Once inside an infected network, the attackers could have used the SolarWinds software to learn about the structure of the network or alter the configuration of network systems. But they would also have been able to breach other systems on the network or download new malicious files directly to those systems.

The new information about the 2019 files expands the previously reported timeline around the intrusions and indicates that the hackers had already compromised SolarWinds’ software update system at least five months earlier than reported.

Not all SolarWinds customers downloaded the malicious updates. The specific number of infected victims remains unknown at this time, but some of the victims breached with the spring 2020 files reportedly include: divisions within the U.S. Treasury and Commerce departments, the Department of Homeland Security, national labs working for the Department of Energy, and the National Nuclear Security Administration, which oversees the national nuclear weapons stockpile. In the commercial sector, the security firm FireEye was also breached by the hackers through SolarWinds software, and late Tuesday Microsoft acknowledged that it had found malicious SolarWinds files on its network as well.
