What could have stopped the SolarWinds attack?

April 10, 2020 by Author

Table of Contents

1 What could have stopped the SolarWinds attack?
2 What companies were hacked by SolarWinds?
3 How SolarWinds could’ve been prevented?
4 What was SolarWinds vulnerability?
5 What government agencies were affected by SolarWinds hack?
6 When did SolarWinds hack happen?

What could have stopped the SolarWinds attack?

CISA believes SolarWinds attack could have been prevented with simple countermeasures. In a letter to Senator Ron Wyden, CISA says a firewall blocking all outgoing connections to the internet would have neutralized the SolarWinds malware.

What companies were hacked by SolarWinds?

The companies included Microsoft, Intel and Cisco; the list of federal agencies so far includes the Treasury, Justice and Energy departments and the Pentagon. SolarWinds CEO and President Sudhakar Ramakrishna inherited the attack.

What did SolarWinds do wrong?

In early 2020, hackers secretly broke into Texas-based SolarWind’s systems and added malicious code into the company’s software system. Beginning as early as March of 2020, SolarWinds unwittingly sent out software updates to its customers that included the hacked code.

How SolarWinds could’ve been prevented?

Ron Wyden, D-Ore., the CISA said had victims configured their firewalls to block outbound connections from the servers running SolarWinds, it “would have neutralized the malware,” adding those who did so avoided the attack. …

What was SolarWinds vulnerability?

Microsoft reported to SolarWinds that they had discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product….SolarWinds product NOT AFFECTED by this security vulnerability:

8Man	Network Operations Manager (NOM)
Access Rights Manager (ARM)	Network Performance Monitor (NPM)

Who is Dave Yonce?

Yonce, 52, created SolarWinds in 1999 with his brother, David. The company provides IT management software to more than 95,000 customers in 180 countries. Prior to founding SolarWinds he was a principal consultant at International Network Services, an IT firm that merged with the former Lucent Technologies in 1999.

What government agencies were affected by SolarWinds hack?

At that stage there were eight federal agencies confirmed to have been breached, including the US Treasury Department, the Department of Homeland Security, the US Department of State, the US Department of Energy, and the National Nuclear Security Administration.

When did SolarWinds hack happen?

20192020 United States federal government data breach / Start date
SolarWinds saw signs of hackers invading their networks as early as January of 2019, about eight months earlier than the previously publicly disclosed timeline for the sweeping cyber-espionage campaign, and nearly two years before anyone discovered the breach.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.