The party behind the widespread SolarWinds hack is yet to be uncovered; however, Russia and China are believed to be the only two who possess both the capability and resource to mount an attack of this scale. It supposedly began as far back as Mach, and was only uncovered when the perpetrators tried to penetrate cybersecurity firm FireEye. Since then, there has been a cascading number of compromised high-profile institutions; including the US Treasury, the National Institute of Health and Homeland Security.
The perpetrators gained access by commandeering software from SolarWinds, which claims to support thousands of worldwide organisations with network-monitoring tools, including the UK’s National Health Service and Ministry of Defence.
In an earnings call earlier this year, CEO Kevin Thompson acclaimed how far SolarWinds had come and said ““We don’t think anyone else in the market is really even close in terms of the breadth of coverage we have, we manage everyone’s network gear.” In hindsight, his proclamation is undoubtedly an ominous one.
Paul Chichester, the UK’s National Cyber Security director of operations, stated that British teams were still working alongside international partners to fully comprehend the impact on the UK.
“That work is ongoing and will take some time,” said Mr Chichester. “We urge organisations to take immediate steps to protect their networks — and will continue to update as we learn more.”
Conversely, the Financial Times quotes another UK security official who has said there are only a “very small” number of affected organisations, of which none are part of the public sector.
On Thursday Microsoft President, Brad Smith, said the firm had pinpointed over 40 of its customers who had been singled out as part of sophisticated and targeted attacks.
Despite around 80% of the victims being located in the US, Smith asserted that Microsoft had located victims in several additional countries: the UK, Belgium, Canada, Spain, Israel, Mexico and the UAE. He added “It’s certain that the number and location of victims will keep growing,” and that:
“The attack unfortunately represents a broad and successful espionage-based assault on both the confidential information of the US government and the tech tools used by firms to protect them.”
At Polestar we have worked with a number of firms that are at the forefront of cyber-security. We are always interested to the hear from businesses disrupting industries through technology or technology-enabled services and products, especially in a sector where there is significant potential to drive change. If you are seeking funding or evaluating your options, let’s have a chat.
“The attack unfortunately represents a broad and successful espionage-based assault on both the confidential information of the US government and the tech tools used by firms to protect them”
