One of the most serious hacker attacks on U.S. government agencies has unusual legal ramifications.
The U.S. Securities and Exchange Commission (SEC) is breaking new ground, accusing SolarWinds of misleading shareholders by hiding cybersecurity risks in its systems.
SolarWinds denied the allegations.
In the attack, which became known at the end of 2020, the hackers sought to get into the systems of various American government agencies. They accessed the networks through maintenance software from SolarWinds, which was in use in many places. The cyber breach went unnoticed for over a year.
According to US security authorities, elite Russian hackers were behind the attack; the government in Moscow rejected the accusation. According to IT security experts, the group in question is APT29, which belongs to the Russian foreign intelligence service SVR and is also known as Cozy Bear.
The US Securities and Exchange Commission has now argued, in a complaint more than sixty pages long, that the US company SolarWinds had ignored warning signals and given investors a false impression of the security of its systems. The company went public in October 2018.
The SEC’s lawsuit is based largely on a contrast between SolarWinds’ public statements and the information the company had, along with its employees’ assessments.
The authority repeatedly refers to internal presentations and emails from employees. The stock exchange regulator has access to such material during investigations.
An attorney for SolarWinds countered that the SEC exceeded its authority with this action. The authority wanted to appoint itself as the ‘cyber security police for listed companies’, he said in criticism voiced in the ‘Wall Street Journal’, among others.
According to the lawsuit, the attackers gained access to SolarWinds systems no later than January 2019. With their access, they inserted malicious Windows code into three software products delivered to more than 18,000 of the company’s customers around the world.
The attack was discovered by the IT security company FireEye, which itself was targeted by the hackers.
The hackers were able to compromise SolarWinds’ IT management software and inject an attack tool (called Sunburst). The malware then arrived on the victims’ systems as a regular update.
Because the update was digitally signed and came from a trusted source, the attackers were able to gain access to many high-profile targets and essentially hide in plain sight. According to experts, such supply chain attacks are very difficult to detect.
Microsoft later confirmed that the attackers were able to infiltrate 40 additional organizations that were not even SolarWinds customers. The consequences of the cyber attack were enormous. Vulnerabilities in Microsoft and VMware software also allowed the attackers to gain access to emails and other documents.
(dsc/sda/awp/dpa)
Source: Watson
I’m Ella Sammie, author specializing in the Technology sector. I have been writing for 24 Instatnt News since 2020, and am passionate about staying up to date with the latest developments in this ever-changing industry.