As more research is conducted into the hack on SolarWinds’ Orion software, the attack’s apparent scale appears to be increasing. Hundreds of networks within the US government were affected.
According to The New York Times, the hack hit up to 250 networks within the US government. Initially, this number was estimated at a few dozen. The hackers were able to prevent detection by executing the hack from servers within the US borders.
In doing so, the hackers abused a US law that the National Security Agency (NSA) is not allowed to eavesdrop internally. As a result, the hack was not subject to surveillance by the Department of Homeland Security.
The New York Times also suggests that the emphasis on securing the elections in the US may have contributed to the hack remaining undetected. As a result, companies and agencies focused less on protecting the supply chain of their software.
Hack started earlier than previously thought
With these revelations, the impact of the SolarWinds hack appears to be greater than first thought. Last week it also became apparent that the software may have been infected earlier than researchers initially thought. Researchers assumed that the attackers had infected SolarWinds Orion around March or April, but this has presumably happened at an earlier time.
A few weeks ago, the news hit that the American software company SolarWinds had been hacked. The attackers had managed to add their own code to the company’s Orion software. The code created a backdoor on computers on which the software was installed, giving hackers access to all the computers on which Orion was running. This includes thousands of computers from a large number of business and government organisations.