December’s revelation that U.S. government agencies and our largest corporations were subject to a hyper-sophisticated cyberattack was not unexpected, but the breadth of the SolarWinds hack was shocking.
FireEye, a world leader in cybersecurity, stated the company had never witnessed a breach of this scope and magnitude. In a blog post disclosing the attack, FireEye CEO Kevin Mandia wrote, “We are witnessing an attack by a nation with top-tier offensive capabilities.” It was evident just how serious the situation was.
Then the other shoe dropped. Days after the initial report disclosing the breach, we learned that the SolarWinds hack impacted thousands more entities than previously believed and is still ongoing as we speak.
Through a series of seemingly innocuous software updates, hostile actors penetrated our networks and spread undetected for months like a metastatic cancer.
We don’t yet know the full extent of what assets were compromised in SolarWinds, something that will take months or longer to assess. What is clear is very few nation-states have the cyber capabilities needed to orchestrate a hack of this sophistication, and SolarWinds bears all the hallmarks of Russian malign activity.
Malware and cyberattacks are something of a Russian specialty and remain their tools of choice because they are cheap to execute and can wreak maximum havoc.