30 percent of SolarWinds hack victims didn't run the software, CISA head says

The SolarWinds hack is in need of a new name, America's top cybersecurity investigators say.

In late 2020, foreign hackers exploited the widely used SolarWinds software to gain access to hundreds of thousands of federal government computers, as well as private companies' networks. But it turns out that around 30 percent of computers previously thought to be hacked via SolarWinds didn't even run the software, Brandon Wales, acting director of the Cybersecurity and Infrastructure Security Agency, tells The Wall Street Journal.

The idea that SolarWinds was the only avenue for the suspected Russian attack limited its potential victims to the software's relatively small user base. But hackers linked to the attack also seem to have broken into government and private accounts by guessing passwords and exploiting issues in Microsoft's cloud-based Office software used by millions of people, government investigators said. "It is absolutely correct that this campaign should not be thought of as the SolarWinds campaign," Wales told the Journal.

Cybersecurity company Malwarebytes backed up investigators' findings, saying last week that it faced the same hackers behind the SolarWinds attack. But Malwarebytes doesn't even use SolarWinds; rather, the hackers found a loophole in a Microsoft Office 365 account to break in. The revelation made Malwarebytes' CEO Marcin Kleczynski wonder what software is even safe to keep on company computers. "How do I know that Zoom or Slack isn’t next and what do I do?" Kleczynski asked when talking to the Journal.

Around 18,000 government and private computers are thought to have been compromised in the hack, including networks in the Pentagon, State Department, Justice Department, and other top agencies. President Biden brought up the attack in his first call with Russian President Vladimir Putin.