New reports are expanding the legacy of a recent major hack targeting United States federal agencies, as well as large businesses, that has been so much in the public eye recently.
Last week, the tech world was abuzz with investigations into an exploit of a Solarwinds software program called Orion that resulted in widespread access for hackers.
Today’s news is showing that the problem expands beyond the community of Orion users.
Reuters reports that hackers also got into other systems through Microsoft reseller access, so that companies that didn’t use Orion could still be compromised.
For example, security firm Crowdstrike had reported that hacker capabilities involving the Microsoft licensing reseller have allowed that party to get into Crowdstrike system and try to enable reading emails.
Since Crowdstrike only uses Microsoft Office for word processing and not for email, that particular effort was thwarted. Still, the idea that hackers also used this other avenue to infiltrate systems means that a given target didn’t have to be using Orion to be vulnerable.
Reuters reports federal responders saying they had “not seen (exploits beyond Orion with resellers) in an initial vector,” but the eventual discovery of the reseller access problem flies in the face of this analysis.
This cyberattack writ large is now unusually familiar with the average American, and many are asking if Russia was behind the effort.
Russian officials have denied involvement, but analysts stateside are trying the modus operandi to a group of Russian hackers now in the limelight, in a negative way.
“San Francisco, Cyber-security firm CrowdStrike has revealed that suspected Russian hackers who broke into a series of US government agencies and enterprises via compromising SolarWinds software, aimed to attack its network but failed to do so,” reported Business Insider today, in just one example of reporting staff using Russia allegations as ballast.
Beyond asking if this greater trend will move markets, it’s important for traders to look beyond the veneer. What long-term effect will this phenomenon have, given the centrality of cybersecurity in modern warfare? Pay attention as the tech world continues to react.