What is the SolarWinds Hack? Know all the details of the cyber attack on the USA here

Recently there has been a massive cyber attack on US government and private agencies. Know all about the SolarWinds hack, the parties affected and involved, and its effects here.
Created On: Dec 28, 2020 13:23 IST
Modified On: Dec 28, 2020 16:50 IST
What is the SolarWinds Attack/Hack

Why in News?

A large chunk of US government emails has been targeted in a hack thought to have been carried out by Russia, as reported by the American media.

Significance:

  1. This has been the biggest ever targeted cyber attack in the United States of America.
  2. The US Government, its agencies and many private companies have been affected by it.
  3. The treasury and commerce departments of the United States were both affected, and others may have been breached.
  4. The hackers were able to monitor internal emails at some of the top agencies in the US.
  5. The first attack was discovered by FireEye, a cybersecurity company aiding the US Government.


In a Gist:

  1. How did the hackers gain access? Through trojanised updates.
  2. What software update was exploited? Sunburst malware was inserted into Orion.
  3. How did it go undetected? The malware thwarted tools, such as anti-virus software, that were used to detect it.
  4. Who is investigating? The Cyber Unified Coordination Group.

What has happened?

  1. The attack has been labelled a state-sponsored attack and is said to have been carried out by a nation with top offensive capabilities. According to FireEye, the attacker wanted to use government customer data.
  2. The attack was named Campaign UNC2452.
  3. The hack began in March, when malicious code was slipped into updates for the software Orion, made by the company SolarWinds. This company monitors the hardware and software networks of businesses and governments for outages.
  4. This gave the hackers a chance to access an organization’s network and steal information.
  5. The apparent months-long timeline gave the hackers ample time to extract information from many targets.

Who is affected by this?

  1. The hack is said to have a global effect. This is because the affected software is used in parts of a business where it has the potential to devastate organizations.
  2. SolarWinds, of Austin, Texas, provides network-monitoring and other technical services to hundreds of thousands of organizations around the world, including most Fortune 500 companies and government agencies in North America, Europe, Asia and the Middle East.
  3. SolarWinds is working with FireEye as well as the FBI, the intelligence community, and other law enforcement agencies.
  4. The Pentagon, the Centers for Disease Control and Prevention, the State Department and the Justice Department, along with the top 10 telecom operators of the US, are said to be affected.
  5. It has been estimated that over 33000 companies use SolarWinds and are thus affected.

Who is behind the attack?

  1. SolarWinds said that an outside nation-state tried to infiltrate its systems with malware.
  2. However, neither the US government nor the affected companies have told the public which nation-state they think is responsible for these attacks.

Way Forward

Cyber-defence is hard. However, retaliation against governments responsible for egregious hacks does happen. The United States can now expel diplomats and impose sanctions.

For example, the Obama administration expelled Russian diplomats after Kremlin military hackers meddled in Donald Trump’s favour in the 2016 election. SolarWinds may have to face legal action from the customers and government agencies that have been affected by the breach.


FAQ

What name has the US firm FireEye given the SolarWinds attack?

The attack has been named Campaign UNC2452 by FireEye.

How did the hackers gain access in the SolarWinds attack?

The hackers gained access through trojanized updates on the users' systems.

Which is the biggest cybersecurity hack of the US till now?

The SolarWinds hack is being called the biggest hack of the US till now.

Which country has recently been affected by the SolarWinds hack?

The United States of America has recently been affected by the SolarWinds hack. It has been estimated that more than 17000 companies are also affected.