FireEye has not publicly blamed that breach on the SolarWinds hack, but it reportedly confirmed that was the case to the tech site Krebs On Security on Tuesday.įireEye described the malware’s dizzying capabilities, from initially lying dormant up to two weeks, to hiding in plain sight by masquerading its reconnaissance forays as Orion activity. The breach was not discovered until the prominent cybersecurity company FireEye, which itself uses SolarWinds, determined it had experienced a breach through the software. The hack began as early as March, SolarWinds admitted, giving the hackers plenty of time to access the customers’ internal workings.
The company revealed that hackers snuck a malicious code that gave them remote access to customers’ networks into an update of Orion. On Sunday, SolarWinds alerted thousands of its customers that an “outside nation state” had found a back door into its most popular product, a tool called Orion that helps organizations monitor outages on their computer networks and servers. That dominance, however, has become a liability.
“We don’t think anyone else in the market is really even close in terms of the breadth of coverage we have,” he said. There was not a database or an IT deployment model out there to which the company did not provide some level of monitoring or management, he told analysts. On an October earning call, the company’s chief executive Kevin Thompson touted how far it had come since. The firm was founded by two brothers in Tulsa, Oklahoma, ahead of the feared turn-of-the-millennium Y2K computer bug.
0 kommentar(er)
