REVEALED: Russian hackers conducted 'dry run' of their massive cyber attack - raising fears they have had access to SolarWinds software for more than a YEAR

The suspected Russian hack of US government agencies may have been in the works for longer than suggested, as it's revealed hackers may have conducted a 'dry run' of their massive cyber attack over a year ago.   

US officials on Friday said hackers appeared to have targeted SolarWinds Corp back in October 2019, five months before executing a more destructive and malicious breach in March that was only detected recently. 

The hackers are believed to have tested their ability to insert malicious code into the company's network management software on October 10; the software was later delivered to some 18,000 of the company's customers.

The hack began as early as March this year when hackers snuck malicious code into recent versions of SolarWinds' premier software product, Orion. The Austin-based software company provides vital computer network monitoring services to major corporations and government agencies worldwide.

The list of victims from the devastating and long-undetected hack on US government agencies and companies has continued to grow since the sprawling cyber-espionage campaign was disclosed earlier this week. This heat map of infections created by Microsoft shows that those infiltrated by the hackers are spread out across the US.

Officials said a version of the SolarWinds Orion product had been tampered with around that time; however, it did not contain the secret network backdoor, which authorities are calling SUNBURST, that was used in the subsequent breach, according to the U.S. Cybersecurity and Infrastructure Security Agency.

The tampered files went undetected, and in March of 2020, the hackers began using Orion updates to deliver their backdoor.

'We're thinking they wanted to test whether or not it was going to work and whether it would be detected. So it was more or less a dry run,' a source familiar with the investigation told Yahoo News. 

'They took their time. They decided to not go out with an actual backdoor right away. That signifies that they're a little bit more disciplined and deliberate,' the person added.   

The evidence also points to a more concerning suggestion that the hackers may have had access to the company's software prior to October 2019. 

'This tells us the actor had access to SolarWinds' environment much earlier than this year. We know at minimum they had access October 10, 2019. But they would certainly have had to have access longer than that,' the source told Yahoo. 

'So that intrusion into has to originate probably at least a couple of months before that - probably at least mid-2019 if not .' 

Secretary of State Mike Pompeo has become the first U.S. official to publicly attribute a massive hacking campaign to Russia. He is seen above with Putin in 2019

SolarWinds timeline: Company stocks and when they discovered attack 

March: Updated versions of SolarWinds premier product, Orion, are infiltrated by an 'outside nation state'

SolarWinds customers who installed updates to their Orion software were unknowingly welcoming hidden malicious code that could give intruders the same view of their corporate network that in-house IT crews have

The US issues an emergency warning, ordering government users to disconnect SolarWinds software which it said had been compromised by 'malicious actors'

The Pentagon, the State Department and the National Institutes of Health, as well as the Treasury, Commerce and Homeland Security departments reveal they were targeted

SolarWinds, which disclosed its unwitting role at the center of the global hack on Monday, has said that up to 18,000 users of its Orion software downloaded a compromised update containing malicious code planted by the attackers.

The attack was believed to be the work of an 'outside nation state,' SolarWinds said in a regulatory disclosure. 

In addition to major federal agencies and critical infrastructure, the hackers targeted entities as various as a county government in Arizona and a cable television company.

The Pima County, Arizona government and Cox Communications Inc were identified as victims of the intrusion by Reuters, which ran a publicly available coding script.

Sources familiar with the US investigation have said the hack was likely carried out by Russia's foreign intelligence service. Moscow has denied involvement. 

Secretary of State Mike Pompeo on Friday became the first US official to publicly attribute the massive hacking campaign to Russia.

'There was a significant effort to use a piece of third-party software to essentially embed code inside of US government systems,' Pompeo told The Mark Levin Show on Friday.

'This was a very significant effort, and I think it's the case that now we can say pretty clearly that it was the Russians that engaged in this activity.'

Russian President Vladimir Putin's spokesman later denied Kremlin involvement, and the Russian embassy said in a statement that the country 'does not conduct offensive operations in the cyber domain.'  

The sprawling attack, which went undetected for nearly nine months, compromised the Departments of Homeland Security, Justice, Treasury, State and Energy, as well as a growing list of companies and local governments across the country. 

Officials with the nation's cybersecurity agency warn that the breach could be difficult to undo, saying the hackers 'demonstrated sophistication and complex tradecraft' and that it was likely that they had built additional secret backdoors while active inside the compromised networks. 

Experts say there simply are not enough skilled threat-hunting teams to properly identify all the government and private-sector systems that may have been hacked, and warn infected networks may have to be 'burned to the ground' and rebuilt from scratch. 
