A second SolarWinds attack might have taken place and it was not Russian hackers this time. Security researchers said that the Chinese hackers might have exploited an independent flaw that is different from the reported SolarWinds attack last year.
BERLIN, GERMANY - DECEMBER 27: A participant looks at lines of code on a laptop on the first day of the 28th Chaos Communication Congress (28C3) - Behind Enemy Lines computer hacker conference on December 27, 2011 in Berlin, Germany. The Chaos Computer Club is Europe's biggest network of computer hackers and its annual congress draws up to 3,000 participants.
According to The Wired's latest report, the alleged Chinese hackers independently exploited a different flaw during the Russian hackers' previous attack. Chinese News Asia reported that the second attack specifically targeted the United States Department of Agriculture's National Finance Center.
The software giant SolarWinds confirmed that it already patched the said vulnerability that the Chinese hackers exploited in December. Although this is the case, security researchers said that the alleged Chinese attack just shows that SolarWinds' third-party companies could also be vulnerable.
Why the second SolarWinds attack is alarming
Security researchers said that if the SolarWinds' third-party companies are vulnerable, their flaws could also affect the main company as well.
BERLIN, GERMANY - DECEMBER 27: A particpant checks a circuit board next to an oscilloscope on the first day of the 28th Chaos Communication Congress (28C3) - Behind Enemy Lines computer hacker conference on December 27, 2011 in Berlin, Germany. The Chaos Computer Club is Europe's biggest network of computer hackers and its annual congress draws up to 3,000 participants.
Also Read: Applications on Apple's App Store Are Still Tracking Your Data; New Labels Are Inaccurate
"It's not realistic to not depend on any third parties," said the security firm Red Canary's director of intelligence Katie Nickels via The Wired.
"It's just not really the way any network is run. But what we saw for the first week or two even after the initial SolarWinds revelations were some organizations just trying to figure out whether they even use SolarWinds products," she added.
On the other hand, the software giant said that the second exploited vulnerability is very different from the one that Russian hackers were able to implement. SolarWinds added that the Chinese hackers' flaw was only exploited after they infiltrated the company's network using other methods.
Why SolarWinds software provider is targeted
Researchers said that SolarWinds is still using Microsoft Windows, which is a popular target for different hackers and cybercriminals. The software company is also two decades old and has a big customer base including the United States' government contracts and those abroad ones.
Although this is the case, the SolarWinds software is just one of the tools that companies and other IT management services need to continuously run. This means that the hackers could also focus on other software or tools that different companies are using, and SolarWinds' previous attacks show that cybercriminals are becoming more notorious than ever.
For more news updates about SolarWinds attacks and other security breaches, always keep your tabs open here at TechTimes.
Related Article: Washington State Data Breach 2021: 1.6 Million Citizens with Unemployment Claims Exposed! Possible Identity Theft?
This article is owned by TechTimes.
Written by: Giuliano de Leon.
