Why The Latest Cyberattack Was Different
Published in The Foreign Policy
By Robert Muggah
All during 2020, as the coronavirus pandemic swept around the world, another novel virus with devastating long-term effects spread unnoticed worldwide. Sometime in late 2019 or early 2020, at least one group of advanced hackers inserted malware into network software supplied by SolarWinds, a maker of information technology infrastructure software based in Austin, Texas. The decision to target SolarWinds looks strategic given the company’s vast U.S. and global clientele in the public, private, and nonprofit sectors. Publicly exposed in December 2020, the infectious malware—dubbed Sunburst by the cybersecurity firm FireEye and Solorigate by Microsoft—may turn out to be the most audacious cyberespionage campaign in history. For months, attackers stealthily infiltrated governments and businesses via a Trojan horse-style update to SolarWinds’ Orion cybersecurity management software. Like the coronavirus, Sunburst and another recently discovered piece of malware reveal the downside of global connectivity and the failure of global cooperation to deal with contagion.
What sets the SolarWinds attack apart from previous incidents is its sheer scale. The company has over 300,000 customers worldwide, according to filings made to the U.S. Securities and Exchange Commission. Throughout 2020, SolarWinds sent out software updates to roughly 18,000 of them. To date, at least 250 networks have reportedly been affected by the booby-trapped file. Shortly after being downloaded, the virus executes commands that create a backdoor in the network to transfer files, disable services, and reboot machines. Targeted institutions include the U.S. departments of Defense, Homeland Security, State, Energy, and the Treasury; all five branches of the U.S. military; the National Nuclear Security Administration, and 425 of the Fortune 500 companies, including Cisco, Equifax, MasterCard, and Microsoft. There have been other major cyberattacks in the past, but none has achieved this kind of penetration. By compromising powerful governments and businesses, including some of the most successful technology companies, the SolarWinds exploit shatters the illusion of information security. The hack has also spooked the financial services sector.Read more