The attackers also gained access to California State Hospitals and Kent State University.
Last week there was news that SolarWinds had been hacked, possibly by the Russian government, and that the US Treasury, Trade, Foreign Affairs, Energy and Homeland Security had been affected.
Other government agencies and several companies are investigating because of SolarWinds’ extensive client list.
Cisco, Intel, Nvidia, Belkin, and VMware include malware-infected computers within their networks.
And there could be much more. SolarWinds reported that fewer than 18,000 companies were affected, and it tried to hide the list of clients who used the infected software.
The Wall Street Journal explains that some popular SolarWinds customers have become sure to be affected by the hack.
Big tech companies are presently offering the same story, which boils down to saying: We are investigating, but we don’t think that has affected us.
And theVerifying the full effects of the breach can take a long time, as has happened in previous cases, such as the 2016 email breach of the Democratic National Committee.
After the hackers entered the system, it can also be difficult to know that they have completely disappeared. As he explains report The Associated Press, it can be difficult to fully trust a network after a hacker gets into it.
In this case, investigators have a lot of data to look into, as the hack – which began months ago – is still going on.
Adding to the problem, investigators found another hacker group that had infiltrated SolarWinds using a similar exploit.
This attack, codenamed Supernova, was initially believed to be part of the main attack known as Sunburst, but investigators now believe it was carried out by a second, less complex group.
There are many reasons why a hacker group might want to enter a large tech company’s systems, including access to future product plans or employee and customer information that could be sold or paid for in ransom.
It is also possible that these companies were mainly unintended to attack, because the hacking groups wanted to reach government agencies, which happened to share the same IT management systems that SolarWinds provides.
It is reported that the Computer Security Organization of the US government Announced That every federal agency should shut down their SolarWinds immediately.