The hack of SolarWinds software, first exposed in December of 2020, may be the biggest and most important event of that disastrous year. While it has received only minimal attention, the massive attack will have long-lasting effects, especially on the security of government operations.
As of this writing, it is still unclear exactly how many companies and organizations have been penetrated by the SolarWinds hack. But the company is claiming no more than 18,000 of their clients are affected. That makes this the most massive espionage attack of all time. A number of federal agencies have already admitted to discovering that they had been penetrated, while many more are still conducting their own investigations.
The genius of this attack is that rather than going after individual companies, the hackers developed a back door into SolarWinds software, which is used by many organizations to monitor their networks. This gave the hackers access to everything on those organizations’ networks, including the ability to harvest passwords and to put additional back doors in place.
Part of the problem facing companies and government agencies that have used SolarWinds is that just canceling their service or removing the software doesn’t guarantee that their systems are secure. Rather, a complete check of everything in their system is necessary, without really knowing what they are looking for. For some companies, this can mean checking thousands of computers and systems.
At best, it will take months for the affected companies to track down everything and secure their networks once again. While they are doing that, the Russian government, which is believed to be the perpetrator in this case, will still be reading our government’s mail… and anything else on their networks.
The amount of data that the Russian spy organizations have garnered through this hack is mind-boggling. They could literally have copied all the information available in the months since they gained access. In reality, it will take them much longer to analyze the data they have stolen than it will take for the leaks to be fully plugged. What they will do with that information is anyone’s guess.
Even so, there’s a bigger risk in all this: that they have planted the means within our nation’s computer networks to take control over computers and direct them remotely. The networks they have gained access to include some of our biggest power companies, so there’s a possibility that they now have the ability to shut down our power grid. We just don’t know, and we may not find out until it is too late.
Fortunately, there is no way that they can access the computers which control our nuclear power plants, as those are “air gapped” – maintained separate from any network. So at least they can’t blow those up, regardless of what else they can do.