SolarWinds hackers first breached systems in September 2019
The company is facing a class action lawsuit filed by its shareholders
The investigation into the SolarWinds cyber attack has revealed that hackers may have had access to the company’s internal systems since September 2019 – over a year before the incident was reported.
On 14 December, the software company confirmed that its systems had fallen victim to “a highly sophisticated, manual supply chain attack” which “intended to be a narrow, extremely targeted, and manually executed attack, as opposed to a broad, system-wide attack”.
However, SolarWinds’s president and CEO Sudhakar Ramakrishna has now revealed that the investigation of the incident now lists 4 September 2019 as the probable start of the chain of the events. It is on that day that threat actors are believed to have accessed SolarWinds internal systems, before injecting a test code and beginning trial runs three months later in December 2019.
“Our current timeline for this incident begins in September 2019, which is the earliest suspicious activity on our internal systems identified by our forensic teams in the course of their current investigations,” Ramakrishna revealed in a company blog post.
“The subsequent October 2019 version of the Orion Platform release appears to have contained modifications designed to test the perpetrators’ ability to insert code into our builds,” he said.
Managing security risk and compliance in a challenging landscape
How key technology partners grow with your organisationDownload now
The timeline of the incident might be particularly significant given the news that SolarWinds is facing a class action lawsuit filed by its shareholders. The complaint alleges that the company failed to disclose that SolarWinds’ Orion monitoring products had a vulnerability that allowed hackers to compromise the server since mid-2020. It also alleges that the company had set an easily-breachable password for the SolarWinds' update server, which ultimately resulted in SolarWinds' customers, including the US government, Microsoft, Cisco, and Nvidia, being vulnerable to hacks.
B2B under quarantine
Key B2C e-commerce features B2B need to adopt to surviveDownload now
The top three IT pains of the new reality and how to solve them
Driving more resiliency with unified operations and service managementDownload now
The five essentials from your endpoint security partner
Empower your MSP business to operate efficientlyDownload now
How fashion retailers are redesigning their digital future
Fashion retail guideDownload now