ECONOMY & WORK
MONEY 101
NEWS
PERSONAL FINANCE
NET WORTH
About Us Contact Us Privacy Policy Terms of Use DMCA Opt-out of personalized ads
© Copyright 2023 Market Realist. Market Realist is a registered trademark. All Rights Reserved. People may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.
MARKETREALIST.COM / NEWS

SEC Sues IT Firm SolarWinds Over One of the Worst Cyber Espionage Hacks in US History; Here's Why

The cyberattack was allegedly carried out by a group of Russian hackers called "NOBELIUM".
PUBLISHED NOV 27, 2023
Image source: Getty Images | Photo by Chip Somodevilla
Image source: Getty Images | Photo by Chip Somodevilla

US regulators have sued IT firm SolarWinds, which was targeted by a Russian-backed hacking group in a cyberespionage campaign, for fraud and failure to disclose alleged security deficiencies. The stunning hack was one of the largest cyberattacks in the US history, which compromised the data of several companies and government agencies. The suit also named the company’s top security executive while seeking his removal, unspecified civil penalties, and reimbursement of “ill-gotten gains”.



 

SolarWinds is a major IT/software company based in Austin, Texas. It provides system management tools for network and infrastructure monitoring, along with technical services to hundreds of thousands of organizations around the world. One of the company's products is an IT performance monitoring system called Orion which was the primary target of the hack.



 

As an IT monitoring system, SolarWinds Orion had privileged access to the IT systems of several companies and government agencies. Thus its wide deployment made it a lucrative and attractive target. In the attack, the hackers used a method called a ‘supply chain attack’ to insert malicious code into the Orion system. In this type of attack, a third party with access to various organizations' systems is targeted by focusing on weaker links in the organization's supply chain.

In this case, the SolarWinds Orion platform created a backdoor for hackers who impersonated users and accounts of victim organizations. The malware can also allow access to system files without detection, even by an antivirus software. In the hack, the attackers gained access to the networks, systems, and data of thousands of SolarWinds Orion customers.

Photo illustration, of a hacker with an Anonymous mask on his face | Getty Images | Photo by Chesnot
Getty Images | Photo by Chesnot

In this hack, Microsoft has suspected the hackers to be from the group known as NOBELIUM. Microsoft refers to the group as an advanced and persistent adversary because of its tenacious attacks and ever-evolving nature.

Representative image of a protestor wearing a mask of 'Anonymous' | Getty Images | Photo by Denis Doyle
Representative image of a protestor wearing a mask of 'Anonymous' | Getty Images | Photo by Denis Doyle

In the attack, the data, networks, and systems of over 30,000 public and private organizations were compromised, as per Fortune. The victims included state and federal agencies including, the Justice and Homeland Security departments. Apart from SolarWinds clients, the hack exposed the inner workings of Orion users, and the hackers could potentially gain access to the data and networks of their customers and partners as well.

In the 68-page complaint filed in New York federal court, the SEC has accused SolarWinds and its then vice president of security, Tim Brown, of defrauding their investors and customers. The SEC has accused them of making “misstatements, omissions and schemes” that concealed their “poor cybersecurity practices and its heightened and increasing cybersecurity risks," as per the official release

Gurbir S. Grewal, the SEC’s enforcement division director, said in a statement that SolarWinds and Brown ignored “repeated red flags” for years and deprived investors of accurate material information.

 Gurbir Grewal, Director of Enforcement for the Securities and Exchange Commission, speaks during a press conference | Getty Images | Photo by Michael M. Santiago
Gurbir Grewal, Director of Enforcement for the Securities and Exchange Commission, speaks during a press conference | Getty Images | Photo by Michael M. Santiago

The SEC also alleged that an internal SolarWinds presentation shared in 2020 had warned about the company’s network being “not very secure,” and vulnerable to hacking that could lead to “major reputation and financial loss,” the release said.  The SEC also alleged that many employees including Brown had made multiple communications questioning the company’s ability to protect itself from cyberattacks.

Meanwhile, SolarWinds has called the SEC charges unfounded and said it is “deeply concerned this action will put our national security at risk,” a Fortune report said.

MORE ON MARKET REALIST
The old painting turned out to be an early piece from the renowned artist David Hockney.
3 hours ago
The player aced the tricky game of 'Gas Money' and, needless to say, she celebrated in style.
6 hours ago
Fans were shocked to see how the player couldn't solve one of the easiest puzzles in the show's history.
7 hours ago
The company, Scholly, entered the Shark Tank Hall of Fame as it gave a 60x return years later.
8 hours ago
After the contestant, Drew Carey broke the board further while trying to fix it...
1 day ago
As it so turned out, a crucial ruling from the judges led to a BIG win for the player.
1 day ago
When a guest brought a precious Charles Rohlfs chair, expert John Sollo confessed that he was nervous to appraise it.
1 day ago
The guest had no idea about the item being a Tiffany product and being embedded with a rare gem.
2 days ago
The host was baffled by the goof up that the contestant made between two words.
2 days ago
Carey showed that he has got the weapon of sarcasm, and he isn't afraid to use it.
2 days ago
Whatever the host was expecting, it was far away from what the contestant said on national TV.
2 days ago
The guest was surprised to learn more about the item he had actually found on the street for free.
2 days ago
After going through everything on the board, the player left Harvey in hysterics with his answer.
3 days ago
As it so turned out, the weird-looking floor lamp was a piece from a very famous studio.
3 days ago
Most contestants were consistently getting the answers wrong, and Harvey was worried about what was next.
4 days ago
Some claimed that they got the puzzle despite English being their second language.
4 days ago
The letter was written to a columnist in response to a piece taking a swipe at Sinatra.
4 days ago
In a special episode of Celebrity Family Feud, a WWE star decided to go for the one thing Harvey is known for.
4 days ago
Luck was shining for her as she was off to a flying start and won the car with a single card.
4 days ago
Sajak had a witty reply for the contestant who was fanboying over White during the game.
7 days ago