It turns out that cyber attackers have infiltrated around 250 corporate and business networks through SolarWinds updates. In the European region, the situation may be worse.
The updates of the network traffic monitoring software developed by SolarWinds for institutions and companies were seized by cyber attackers. The incoming information shows that the attack is more effective than expected.
Hackers infiltrating an update of a widely used software in such cyberattacks, also known as supply chain attacks; can access all customer systems where the software is installed.
At first, it was thought that internal communications of the Treasury and Trade Ministries were leaked. Afterwards, it was stated that many companies such as Cisco, Intel, Microsoft accessed some of their codes but could not make any effect. Finally, it came to the fore that even Microsoft’s source codes were accessed.
Gradually the scope of the attack is growing. This attack, which is claimed to be originating from Russia and stated that it was not caught by the early warning systems established by the NSA because it originated from a software used in the USA, has affected approximately 250 corporate or company networks.
Another problem is whether SolarWinds has infiltrated the European offices close to Russia. It is known that the engineers in these offices have a wider jurisdiction. As Russia is more effective in these regions, the damage may be greater.
It is known that SolarWinds firm did not agree with consultants who had advised to increase security measures in the past and consultants had to leave the company. Still, the firm insists that the attack is very sophisticated and complex.