SolarWinds was one of the most malicious attacks against the American government and major agencies. First discovered in November 2020, the hacking campaign went against the government and its major companies by gaining its users' sensitive and personal data. At least nine federal agencies, including the Department of Homeland Security and the State Department, were targeted. The attackers exploited the product SolarWinds, a U.S. software, to hack these corporate and government targets.
SolarWinds Orion is a network management product used by tens of thousands of corporations and government agencies.
The hackers, who the officials believe are Russian pirates, attacked these users by making a point to undermine the trust in targeted networks. Attackers exploited the victim's identity by gaining their personal information, impersonating the user, and gaining free access to the victim's Azure and Microsoft 365 accounts.
By utilizing users' identities and gaining the system's trust, hackers maximized stealth and became harder to track. This was the most complex and challenging incident the government and corporate agencies had to face. With almost a year of hacking undetected, it is difficult to uncover the full impact of the damage.
US Cybersecurity and Infrastructure Agency
According to Brandon Wales, acting director of the U.S. Cybersecurity and Infrastructure Agency (CISA), this was no simple attack. Dividing it into two phases, there was a short-term remediation effect of actively removing these attackers, shutting down the accounts they gained access to, and closing the entry points they used. Contrarily, a long-term effect would be the months it takes to make a strategic recovery after this attack.
U.S. Cybersecurity and Infrastructure Agency investigators worked through the holidays to help agencies hunt these hackers out of their systems and salvage the data. These investigators gained legal authority to hunt for cyber threats against the federal government. Unfortunately, they lack the resource and personnel. CISA pushed for more visibility in its cloud environment to detect these cyber espionage.
With this incident, government and corporate groups gained awareness of these cyber attacks' intensity and severity. Administrators in the coming months would practice handling this issue with vigilance. Protection against cyberattacks is finally emphasized as a priority too.
2020 Cyberspace Solarium Commission
In March 2020, Cyberspace Solarium Commission executive director Mark Montgomery recommended solutions to the government to ameliorate their cyberspace damage. Relevant among his suggestions is the declaration of a "cyber state of distress," appealing for additional resources and funds.
Conclusively, the federal government should respond with proper leadership and coordination against cyber attacks. Under Anne Neuberger, deputy national security adviser for cyber policy, regular briefings are conducted to mitigate and address similar incidents as quickly as possible. Series of consultations with the Republican and Democratic members of the congress helped create a cybersecurity strategy and security. This partnership is expected to work progressively against similar attacks.
Both current and former intelligence officials are doing their best to counter future hacking and espionage operations against the U.S. government and its citizens.
Related Article: SolarWinds Executives Blame Intern for Leaking Password 'solarwinds123,' Leading to Largest Security Breach in The US
This article is owned by Tech Times
Written by Czarina Del Valle