The attack "impacted critical infrastructure providers, potentially impacting energy and manufacturing capacities,” she said, and created an ongoing intrusion that “should be treated as a serious event with potential for great harm.”įollowing is a timeline of how events related to the SolarWinds hack have unfolded, to date. The SolarWinds attack is unprecedented because of "its capability to cause significant physical consequences," says University of Richmond management professor Shital Thekdi, an expert on risk management and industrial and operations engineering.
#Solarwinds products software
While it is “hard to say” if the SolarWinds software supply-chain compromise will become known as the highest-impact cyber intrusion ever, it did catch “many people off guard” despite the security industry’s frequent warnings that supply chains pose substantial risks, according to Eric Parizo, principal analyst of security operations at Omdia, a global research firm.
Since the news of the breach, shares of SolarWinds have dropped by nearly 33%, as the Orion software product accounts for approximately half of its revenue, according to the Associated Press.įox News' Hollie McKay and FOX Business' Bradford Betz and Lucas Manfredi contributed to this story.Editor's note: This article, originally published on April 5, 2021, has been updated to reflect recent developments.ĭetails of the 2020 SolarWinds attack continue to unfold, and it may be years before the final damages can be tallied. Though the hack of SolarWinds' Orion software is widely believed to have started in March, it wasn't until Sunday, when one of its customers, the cybersecurity firm FireEye, revealed its own systems were breached that the operation was discovered. GET FOX BUSINESS ON THE GO BY CLICKING HERE On Sunday, SolarWinds started to alert approximately 33,000 of its customers that an “outside nation state" - widely suspected to be Russia - had found a back door into some updated versions of its premier product, Orion. The ubiquitous software tool, which helps organizations monitor the performance of their computer networks and servers, had become an instrument for spies to steal information undetected. “The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” National Security Council spokesman John Ullyot told FOX Business on Saturday.įACEBOOK'S SANDBERG JABS GOVERNMENT OVER ANTITRUST LAWSUITSĪccording to Reuters, the hack was so serious it led to a National Security Council meeting on Saturday. Treasury Department and the Commerce Department’s National Telecommunications and Information Administration, which is responsible for putting together internet and telecommunications policy. government acknowledged reports that hackers backed by a foreign government breached the U.S. Like its larger competitor Microsoft, SolarWinds' products are widely used in both the public and private sectors. Almost all Fortune 500 companies are reported to use SolarWinds products to scan their networks, including major defense contractors such as Boeing, according to the New York Times.Īmong the public sector, its roster includes a number of highly sensitive federal agencies ranging from the Department of Justice to the Centers for Disease Control. According to the company's website, its first products, Trace Route and Ping Sweep, “arrived on the scene to help IT pros quell everyone’s world-ending fears" just before the turn of the millennium and the Y2K computer bug.