The attack happened, according to experts, when the culprits took advantage of software from SolarWinds Corp., sources told Reuters. On Sunday (Dec. 13), it was reported that SolarWinds’ Orion Platform software was involved in “active exploitation.”
As had already happened with SolarWinds’ networking management software, Microsoft products were then used to foist scams on others, Reuters writes.
Sources couldn’t say exactly how many people had been affected by the attacks, and the Department of Homeland Security (DHS) is continuing to investigate. The DHS said on Thursday (Dec. 17) that the hackers used numerous points of entry.
Cyberattacks have become more and more common, particularly during the pandemic, as everyone has tried to shift to digital ways of doing things. They come as more attacks have also occurred attempting to scam people out of money or personal information for similar pandemic-related reasons.
The recent reports of widespread attacks on government systems, PYMNTS writes, have caused concerns about how the institutions are doing at protecting vital data — and that if the U.S. Treasury and Commerce departments are having a hard time, smaller institutions will, too.
SolarWinds — which works with 85 percent of Fortune 500 companies and also works with all five branches of the U.S. military, along with the Justice Department, National Security Agency and the White House — said it was aware of the attacks and had told clients to update their security software as soon as they could.
In addition to this latest attack, another also recently happened involving the California cybersecurity firm Fire Eye, less than a week ago. The company released an advisory in response saying that a “highly evasive attack” had happened and it was part of a global campaign.