Microsoft Also Fell Victim to SolarWinds Cyberattack

And what distinguishes Mr. Superhacker from Mr. Normal Citizen? While Mr. Normal Citizen has been reading mostly similar reports about the COVID-19 virus in the newspaper for about a year, Mr. Superhacker has been eagerly following not only the secret data records of the Robert Koch Institute for at least a year, but ALL internal information from around 18,000 networks of companies and government agencies such as the Federal Criminal Police Office or – even more interesting – the National Nuclear Security Administration (NNSA). The latter manages, among other things, the nuclear arsenal of the United States of America. The icing on the cake of the super attack is the decryption of strictly protected program source code of the software company Microsoft.

Unconcerned Carelessness When Issuing Passwords

The common vulnerability of all affected companies and authorities is the US network management software from SolarWinds. Yet the term “vulnerability” is far too weak to express the irresponsibility with which the American company acts, according to Reuters. According to the news agency, the security researcher Vinoth Kumar is said to have alerted the managers of SolarWinds months ago to the hardly usable password “solarwinds123”. In view of such carelessness, not only magility’s security experts wonder whether SolarWinds is boldly assuming the stupidity of hackers or whether greater care is not urgently needed in the companies concerned. Only a few months ago, magility had reported on the 2020 hacks and warned against carelessness: “A quick change of security updates and a short ‘lifetime’ of software keys are barriers that are difficult for hackers to overcome.”

The Russians Did It – Or Maybe It Was the Chinese?

So while the data theft on a gigantic scale probably went unnoticed for over a year, US Secretary of State Mike Pompeo, after discovering the attack, surmised with almost dizzying speed who was behind it all. The group calls itself APT29 and is attributed to the Russian foreign intelligence service SVR. However, the soon-to-be ex-president of the United States, Donald Trump, contradicts this. His nose is pointed east with an inquiring eye on China. 

Shares Sold – Image Destroyed

Whoever installed the backdoor in Orion knew where to find the weak points in SolarWinds. According to Handelsblatt, Orion generated half of the company’s turnover in the first nine months of last year with 754 million US dollars. SolarWinds was founded in 1999 by former Walmart manager Donald Yonce. In October 2015, investors Silver Lake Partners and Thoma Bravo took a majority stake, which is said to have brought Yonce 563 million US dollars. The two major investors, meanwhile, showed a good nose for business: just seven days before the hacking attack was announced, they are said to have sold shares worth 280 million US dollars. A few months earlier, CEO Kevin Thompson had announced that he would leave his post at the end of 2020. Then in November, it seems he sold 15 million US dollars’ worth of shares.

Perhaps the Good In the Bad

Security expert Dmitri Alperovitch can even find some good in the gigantic scale of the tragedy. In his opinion, there are not enough specialists in the world to take care of every potential victim. Accordingly, it was to be expected that the attackers would concentrate on those who seemed most important to them. We can now speculate which of the affected locations in North America, Asia, Europe or the Middle East these could be.

The security experts at magility go one step further. With state-of-the-art technology and know-how, as well as Cyber Security Management Systems (CSMS) individually tailored to the company, they can offer companies and authorities, regardless of whether they have already been compromised or not, solutions that can prevent damage of this kind in the future. 

Together with a strong partner network, including the Israeli company Argus Cyber Security and the certification service provider DEKRA, we at magility act as a system integrator for Cyber Security Management Systems in the European market. 
