A troubling detail has come to light as part of the SolarWinds investigation, namely that 30% of victims didn’t use the software in question.
The SolarWinds attack was one of the worst cybersecurity breaches in US history. Hackers compromised SolarWinds’ Orion IT software, injecting a trojan that allowed them to target companies and organizations using the software. This is known as a supply chain attack: legitimate software was compromised in the supply chain before it could be distributed.
According to new information, however, it appears the hackers behind the attack were not relying solely on SolarWinds software, since roughly 30% of victims weren’t using it.
The hackers “gained access to their targets in a variety of ways. This adversary has been creative,” Brandon Wales, acting director of the Cybersecurity and Infrastructure Security Agency, told The Wall Street Journal. “It is absolutely correct that this campaign should not be thought of as the SolarWinds campaign.”
The revelation casts new light on the attack, on the ingenuity the hackers demonstrated, and on the threat they pose.