acm-header
Sign In

Communications of the ACM

Home/News/A 'Worst Nightmare' Cyberattack: The Untold Story.../Full Text
ACM News

A 'Worst Nightmare' Cyberattack: The Untold Story Of The SolarWinds Hack

By NPR
April 20, 2021
Comments
View as: Print Mobile App Share:
Artist's impression of the SolarWinds hack.

Hackers believed to be directed by the Russian intelligence service used a routine software update to slip malicious code into a network management system, and then used it as a vehicle for a massive cyberattack against America.

Credit: Zo van Dijk/NPR

"This release includes bug fixes, increased stability and performance improvements."

The routine software update may be one of the most familiar and least understood parts of our digital lives. A pop-up window announces its arrival and all that is required of us is to plug everything in before bed. The next morning, rather like the shoemaker and the elves, our software is magically transformed.

Last spring, a Texas-based company called SolarWinds made one such software update available to its customers. It was supposed to provide the regular fare — bug fixes, performance enhancements — to the company's popular network management system, a software program called Orion that keeps a watchful eye on all the various components in a company's network. Customers simply had to log into the company's software development website, type a password and then wait for the update to land seamlessly onto their servers.

The routine update, it turns out, is no longer so routine.

From NPR
View Full Article

 

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account