A cybersecurity expert warned that the alleged Russian hack of SolarWinds software, which affected top government agencies, is “probably an 11” in terms of seriousness on a scale of one to 10.
The U.S. Department of Homeland Security warned on Sunday that users of SolarWinds should disconnect or disable the software after it was discovered hackers had compromised an update from the company earlier this year. Unidentified sources told Reuters and the Associated Press that Russian hackers were believed to be behind the cyberattack, which hit federal government agencies and many of the nation’s top companies.
“It’s been said on a scale of one to 10 this is probably an 11 for the type of attack, the magnitude and the potential damage it’s done,” cybersecurity analyst Mark Wright, the chief security adviser at California-based cybersecurity startup Sentinel One, told Fox News on Monday morning. “Not from an infrastructure standpoint like going after the energy grid or taking things down. But simply from the loss of information, the stealing of secrets, especially very sensitive information and the fact that this was going on for months.”
“We have yet to even understand how big the damage assessment will be. But I guarantee you, by the time it’s done, it will be far worse than what we think it is right now because we still haven’t uncovered all of the people who have been attacked by this campaign,” Wright said.
Randy Watkins, the chief technology officer of Texas-based cybersecurity firm CRITICALSTART, said in an email to Newsweek that the goals of hackers can be financial as well as theft and data destruction.
“The primary motivation for cyber attacks are monetary, theft, and destruction. While many news cycles have covered the more consumer-facing monetary impacts of ransomware, campaigns for theft and destruction of data are still being heavily waged,” Watkins said.
The cybersecurity expert added the incoming administration of President-elect Joe Biden “will have to recognize the growing threat of cyber attacks from prominent world powers and terrorist nations alike.”
The new hack has affected Treasury Department and Commerce Department emails, and SolarWinds software is used by many other federal agencies including the Pentagon, the White House and NASA. Reuters reported Monday that the Department of Homeland Security was impacted as well. SolarWinds’ website says that “more than 425 of the U.S. Fortune 500” companies use its software as well. NBC News reported Monday that thus far, there is no evidence that classified U.S. government networks were breached. The scope of the attack remains under investigation.
In a Monday update, SolarWinds suggested that thousands of clients had potentially been impacted by the vulnerability, which had arisen through an update in the spring. “SolarWinds currently believes the actual number of customers that may have had an installation of the Orion products that contained this vulnerability to be fewer than 18,000,” the company said.
Russia has denied any involvement in the cyberattack. But Moscow’s efforts to interfere in government and private systems around the world have been well documented and reported by U.S. and allied intelligence agencies. It is typical for Russia—or other nations—to deny involvement with such attacks when they are accused. China and Iran have also recently been accused of carrying out cyberattacks against the U.S.
“I reject these statements, these accusations once again,” Dmitry Peskov, a spokesperson for Russian President Vladimir Putin said Monday, Russia’s Tass news agency reported. Peskov added: “It is wrong to groundlessly blame Russians right away. We have nothing to do with this.”
CRITICALSTART® and MOBILESOC® are federally registered trademarks owned by Critical Start. Critical Start also claims trademark rights in the following: Cyber Operations Risk & Response™ platform, and Trusted Behavior Registry®. Any unauthorized use is expressly prohibited.