Why the SolarWinds hack matters
Maybe you saw the news on the SolarWinds hack. If you didn’t, you should follow me on Twitter: https://twitter.com/TristanDostaler
In this post I want to explain, in a way everyone can understand, why this hack matters.
What is SolarWinds Orion
SolarWinds is a US-based company with clients worldwide. One of the products they offer is Orion. This tool does a lot of things, but the main feature that interests us is that it provides the ability to monitor your infrastructure. To do this, you need to install the Orion agent on one of your servers. This agent is installed with high privileges and is able to log in to most of your infrastructure to gather metrics like CPU, RAM, etc.
What’s the hack
As I write these lines, it is unclear how SolarWinds got hacked. What we know is that it was perpetrated by an APT (Advanced Persistent Threat, a term used to describe high-profile malicious hacker groups) probably backed by Russia. In other words, they got hacked by a highly skilled group of hackers with deep pockets.