ECONOMY & WORK
MONEY 101
NEWS
PERSONAL FINANCE
NET WORTH
About Us Contact Us Privacy Policy Terms of Use DMCA Opt-out of personalized ads
© Copyright 2023 Market Realist. Market Realist is a registered trademark. All Rights Reserved. People may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.
MARKETREALIST.COM / NEWS

SEC Sues IT Firm SolarWinds Over One of the Worst Cyber Espionage Hacks in US History; Here's Why

The cyberattack was allegedly carried out by a group of Russian hackers called "NOBELIUM".
PUBLISHED NOV 27, 2023
Image source: Getty Images | Photo by Chip Somodevilla
Image source: Getty Images | Photo by Chip Somodevilla

US regulators have sued IT firm SolarWinds, which was targeted by a Russian-backed hacking group in a cyberespionage campaign, for fraud and failure to disclose alleged security deficiencies. The stunning hack was one of the largest cyberattacks in the US history, which compromised the data of several companies and government agencies. The suit also named the company’s top security executive while seeking his removal, unspecified civil penalties, and reimbursement of “ill-gotten gains”.



 

SolarWinds is a major IT/software company based in Austin, Texas. It provides system management tools for network and infrastructure monitoring, along with technical services to hundreds of thousands of organizations around the world. One of the company's products is an IT performance monitoring system called Orion which was the primary target of the hack.



 

As an IT monitoring system, SolarWinds Orion had privileged access to the IT systems of several companies and government agencies. Thus its wide deployment made it a lucrative and attractive target. In the attack, the hackers used a method called a ‘supply chain attack’ to insert malicious code into the Orion system. In this type of attack, a third party with access to various organizations' systems is targeted by focusing on weaker links in the organization's supply chain.

In this case, the SolarWinds Orion platform created a backdoor for hackers who impersonated users and accounts of victim organizations. The malware can also allow access to system files without detection, even by an antivirus software. In the hack, the attackers gained access to the networks, systems, and data of thousands of SolarWinds Orion customers.

Photo illustration, of a hacker with an Anonymous mask on his face | Getty Images | Photo by Chesnot
Getty Images | Photo by Chesnot

In this hack, Microsoft has suspected the hackers to be from the group known as NOBELIUM. Microsoft refers to the group as an advanced and persistent adversary because of its tenacious attacks and ever-evolving nature.

Representative image of a protestor wearing a mask of 'Anonymous' | Getty Images | Photo by Denis Doyle
Representative image of a protestor wearing a mask of 'Anonymous' | Getty Images | Photo by Denis Doyle

In the attack, the data, networks, and systems of over 30,000 public and private organizations were compromised, as per Fortune. The victims included state and federal agencies including, the Justice and Homeland Security departments. Apart from SolarWinds clients, the hack exposed the inner workings of Orion users, and the hackers could potentially gain access to the data and networks of their customers and partners as well.

In the 68-page complaint filed in New York federal court, the SEC has accused SolarWinds and its then vice president of security, Tim Brown, of defrauding their investors and customers. The SEC has accused them of making “misstatements, omissions and schemes” that concealed their “poor cybersecurity practices and its heightened and increasing cybersecurity risks," as per the official release

Gurbir S. Grewal, the SEC’s enforcement division director, said in a statement that SolarWinds and Brown ignored “repeated red flags” for years and deprived investors of accurate material information.

 Gurbir Grewal, Director of Enforcement for the Securities and Exchange Commission, speaks during a press conference | Getty Images | Photo by Michael M. Santiago
Gurbir Grewal, Director of Enforcement for the Securities and Exchange Commission, speaks during a press conference | Getty Images | Photo by Michael M. Santiago

The SEC also alleged that an internal SolarWinds presentation shared in 2020 had warned about the company’s network being “not very secure,” and vulnerable to hacking that could lead to “major reputation and financial loss,” the release said.  The SEC also alleged that many employees including Brown had made multiple communications questioning the company’s ability to protect itself from cyberattacks.

Meanwhile, SolarWinds has called the SEC charges unfounded and said it is “deeply concerned this action will put our national security at risk,” a Fortune report said.

MORE ON MARKET REALIST
The guitar had been used for several iconic recordings with legendary musicians.
1 hour ago
Gbenga Akinnagbe was shocked to find out that his item was an art piece from the famous Titus Kaphar.
3 hours ago
While the contestant didn't mean to be suggestive Harvey just couldn't help taking it that way.
4 hours ago
The TikTok creator claimed that it lacked a very important nutrient people sought from chicken.
5 hours ago
While Harrison really wanted the rare treasure, he just couldn't take a chance with such a high price tag.
1 day ago
The issue triggered speculation on social media, with many questioning Walmart's product quality.
1 day ago
The rising star of the show's Prime Video spinoff could take over as the full time host.
3 days ago
Rick who couldn't tell the difference between Pokemon and Charizard lost out on a deal of a life.
3 days ago
The guest later happily gave it away for free to a Folk Americana Roots Hall of Fame collection.
3 days ago
The guest had stumbled into the rare artifact online and didn't have to shell out a lot for it.
4 days ago
Jennings answered the question that was making the rounds on social media for quite some time.
4 days ago
While her letter picks gave her just one clue, Angie nailed the final puzzle in seconds.
5 days ago
While the player wasn't too bothered with the loss, fans didn't seem to let it go.
5 days ago
This wasn't the first time that a contestant made a fool of himself on the show.
6 days ago
Even the stingy star of the show, Rick Harrison couldn't resist paying top dollar for the item.
6 days ago
Kevin O'Leary's deal did offer more capital but didn't align with Strauss's goals.
7 days ago
Harvey was waiting for a long time for someone to give that answer.
Apr 18, 2025
All the guest could say was, "I am never going to be able to talk to my wife again."
Apr 17, 2025
The TikTok creator claimed that the brand is trying to gain attention, but some viewers disagree.
Apr 16, 2025
Harris made a last ditch attempt for the 'Holy Grail' item but it didn't go as he expected it to.
Apr 16, 2025