SolarWinds hack 2020

11/22/2023

This text may not be in its final form and may be updated or revised in the future. NPR transcripts are created on a rush deadline by an NPR contractor. Visit our website terms of use and permissions pages at for further information.

KING: Dina Temple-Raston with NPR's investigations unit. In the meantime, the National Security Council is preparing another executive order, but this one, as we understand it, will be much more about the nuts and bolts of preventing and responding to attacks - things like software development standards, so someone can't sneak into your build environment and change things, like what happened in SolarWinds. But we don't know exactly what that's going to be, and we probably won't know about it until long after it's already happened. So in addition to the sanctions, we also expect there's going to be some sort of reprisal in cyberspace, like a hack-back. TEMPLE-RASTON: Well, the White House has said that they're responding in both seen and unseen ways. And so the Biden administration has now put more sanctions on Russia. But in the end, I think everybody we talked to agreed that this hack was so sophisticated that it would have been pretty hard for anybody to fight it. We found some things that supported that - you know, a marketing website that was very specific about their clients, an easy password on a site where you could download some of their tools. Some of the company's critics, though, say they picked SolarWinds because their security wasn't up to snuff. And he says it was because they were ubiquitous, that hackers wanted to hack one company and get into a bunch of others with just one fell swoop. TEMPLE-RASTON: Well, you know, Noel, I asked the CEO of SolarWinds, Sudhakar Ramakrishna, exactly that. What did they say when you asked, why were you targeted? You landed some exclusive interviews with people who work at SolarWinds.
What we do know is they had nine months in these systems to sort of roam around. We know they read emails, but we don't know if they stole information or even changed information. So that's why they think there were about 100 top companies - like Microsoft, Cisco, Deloitte - that were actually breached, and about a dozen government agencies were infiltrated, too. And we're not exactly sure what the hackers did. But in order for it to work, the customers had to actually deploy the software, and they had to be connected to the Internet so that the hackers could get into their systems and communicate with their servers. So about 18,000 SolarWinds customers downloaded this tainted software. TEMPLE-RASTON: Well, it's a little more complicated than that. And it means that once they got in, anyone who downloaded the software was compromised? Take a listen. ADAM MEYERS: When I was growing up, you used to have to check your Halloween candy 'cause somebody might have put a razor blade in your Reese's Peanut Butter Cup, right? But imagine those Reese's Peanut Butter Cups going into the package and just before the machine comes down and seals the package, some other thing comes in and slides a razor blade into your Reese's Peanut Butter Cup. This is how CrowdStrike's Adam Meyers, who investigated the hack, put it. And what they did is, at the last minute, they swapped out their file, which had malicious code in it, for the SolarWinds file. And one of the things we learned was that the hackers, who the White House had said were from Russian intelligence, created their own software update in a, like, temporary file inside of SolarWinds. TEMPLE-RASTON: Well, this is all about quiet, sophisticated tradecraft. KING: And so how did they manage to do this? That's what they mean when they talk about a supply chain attack. So if you successfully hack SolarWinds, you can get into all these other entities, too.
SolarWinds provides a kind of network monitoring software that lots of big companies and government agencies use. TEMPLE-RASTON: Well, this is different because the hackers attacked one private company in order to compromise hundreds, possibly thousands, of others. KING: We've heard so much about cyberattacks in the past few years. Good morning, Dina. DINA TEMPLE-RASTON, BYLINE: Good morning. And with me now is NPR's Dina Temple-Raston. NPR has been piecing together how it happened. Hackers broke into the systems of Fortune 500 companies and federal government agencies. The Biden administration imposed more sanctions on Russia last week, citing as one reason the SolarWinds hack.