Using Twitter for his first comments on the attack, then-U.S. nuclear weapons stockpile, were publicly named as victims of the attack.ĭecember 19, 2020: 200 more victims listed - Recorded Future, a cybersecurity firm, identified an additional list of government agencies and companies around the world that had also been attacked, but did not publicly reveal their identities. More technical details also began to emerge, illustrating how well the malicious activity was covered and why it was hard to detect.ĭecember 17, 2020: New victims revealed - The Energy Department (DOE) and National Nuclear Security Administration (NNSA), which maintains the U.S. The initial attack date was now pegged to sometime in March 2020, which meant the attack had been underway for months before its detection. Various security officials and vendors expressed serious dismay that the attack was more widespread and began much earlier than expected. Commerce and Treasury Departments, the Department of Homeland Security (DHS), the National Institutes of Health, and the State Department were all affected. On this date and next, the company issued two "hotfix" security patches to address the vulnerability.ĭecemVictims n amed and t imeline m oves b ack - Wall Street Journal reported that the U.S.
#Solarwinds products upgrade
The researchers stumbled across evidence that attackers entered a backdoor in the SolarWinds software “trojanizing SolarWinds Orion business software updates to distribute malware.” FireEye dubbed it “SUNBURST.”ĭecember 13 SolarWinds begins notifying customers, including a post on its Twitter account, "SolarWinds asks all customers to upgrade immediately to Orion Platform version 2020.2.1 HF 1 to address a security vulnerability."ĭecember 14 SolarWinds files an SEC Form 8-K report, stating in part that the company "has been made aware of a cyberattack that inserted a vulnerability within its Orion monitoring products".
The security team reported their Red Team toolkit, containing applications used by ethical hackers in penetration tests, was stolen.ĭecemInitial d etection - FireEye discovered a supply chain attack while it was investigating the nation-state attack on its own Red Team toolkit. SolarWinds hack timeline (last updated March 28, 2021)ĭecemHow the discovery began - FireEye, a prominent cybersecurity firm, announced they were a victim to a nation-state attack.
The attack "impacted critical infrastructure providers, potentially impacting energy and manufacturing capacities,” she said, and created an ongoing intrusion that “should be treated as a serious event with potential for great harm.”įollowing is a timeline of how events related to the SolarWinds hack have unfolded, to date. The SolarWinds attack is unprecedented because of "its capability to cause significant physical consequences," says University of Richmond management professor Shital Thekdi, an expert on risk management and industrial and operations engineering. While it is “hard to say” if the SolarWinds software supply-chain compromise will become known as the highest-impact cyber intrusion ever, it did catch “many people off guard” despite the security industry’s frequent warnings that supply chains pose substantial risks, according to Eric Parizo, principal analyst of security operations at Omdia, a global research firm. Editor's note: This article, originally published on April 5, 2021, has been updated to reflect recent developments.ĭetails of the 2020 SolarWinds attack continue to unfold, and it may be years before the final damages can be tallied.
0 kommentar(er)
