
There is also some evidence that the attackers compromised victims through other means aside from the SolarWinds breach, but through that one intrusion the attackers created access for themselves in roughly 18,000 SolarWinds customer networks, according to the company.

The impact of the attack varied among victims. In some cases the hackers planted a backdoor but didn't go any farther. In other cases they used the access just long enough to figure out that they didn't care about the target. And for an unlucky subset, the attackers moved deep within victim networks for reconnaissance and data exfiltration. For example, critical infrastructure companies like more than a dozen in the oil, electric, and manufacturing sectors seem to have installed the backdoor, but it's not clear how extensively they were actually infiltrated by attackers. The situation underscores the threat posed by supply chain attacks, because they can efficiently undermine all of a company's customers in one fell swoop. Russian hackers have used the technique before, sometimes with more expressly destructive goals. The SolarWinds attacks so far seem to have been largely for espionage, though some experts warn that it's too soon to tell whether there was a destructive component. Even if the attacks were purely for information-gathering, which is usually a globally accepted activity, some politicians and researchers say that the intrusions cross a line or are out of step with espionage norms because of their scale and scope. As former CIA agent Paul Kolbe put it last week in a New York Times essay, though, “The United States is, of course, engaged in the same type of operations at an even grander scale.”
