SolarWinds Hack: A cyberattack discovered in the USA

SolarWinds Hack: A cyberattack discovered in the USA

Part of: GS Prelims and GS-III – Cybersecurity

In news

• The ‘SolarWinds hack’, a cyberattack recently discovered in the USA.
• It has emerged as one of the biggest ever targeted against the US government, its agencies and several other private companies. 
• It is likely a global cyberattack.

Key takeaways 

• This is being called a ‘Supply Chain’ attack. 
• Instead of directly attacking the federal government or a private organisation’s network, the hackers target a third-party vendor, which supplies software to them.
• In this case, the target was an IT management software called Orion, supplied by the Texas-based company SolarWinds.
• Orion has been a dominant software from SolarWinds with clients, which include over 33,000 companies.
• The hackers gained “access to victims via trojanized updates to SolarWinds’ Orion IT monitoring and management software. 
• Once installed, the malware gave a backdoor entry to the hackers to the systems and networks of SolarWinds’ customers.