You may have heard of a massive hacker attack that has been making headlines in the Western media since December last year. It is known as the SolarWinds attack. Today I will try to explain this attack to the Android users in simple Sinhala.
What is SolarWinds?
In the modern technological world, all public and private institutions rely on information technology. That is, those institutions depend directly on computers. These computers are connected to each other through what are called computer networks. Many of the governmental and non-governmental organizations mentioned above are also connected through the internet that we use daily.
Checking that networked computer systems are working properly, and maintaining them, takes a great deal of effort. SolarWinds is one of the leading American software and service providers used to simplify this difficult task. SolarWinds is the name of the company.
It provides IT and networking services to a number of leading U.S. government agencies as well as a large number of NGOs. The target of the hackers was SolarWinds. The hackers knew that data on a number of American companies could be obtained if this company was attacked.
How the attack took place
The hackers carried out the attack so effectively that the authorities did not know that they had been hacked until nine or ten months after the attack.
Months after the attack, a cyber security service provider called FireEye learned that it had been hacked. Tracing the source of the attack, the company found that this was not just one attack on itself, but a massive attack on a number of American companies through SolarWinds.
Foreign media described how the attack happened as follows.
In early 2020, hackers entered the SolarWinds computer system. They then inserted their malicious code into the company's software system. SolarWinds calls this software system Orion. More than 33,000 companies have acquired the Orion software system from SolarWinds.
Any software service provider usually provides updates to its customers. It's common to receive updates for apps on your phone through the Play Store, as well as Windows updates for your computer. SolarWinds also provided updates to those who purchased and used its software.
In early March, SolarWinds released an update to its software. The malicious code inserted by the hackers was hidden in this update and entered the computer systems of those who updated the software. Those customers never thought that malicious code would come to their computers with a software update.
This code allowed the hackers to gain access to the computers on which it was installed, and the hackers installed more malware on them and stole the data they needed. They modified data as they saw fit. Thus, they had access to the relevant systems as needed for months.
Victims of the attack
Of the more than 33,000 users of the Orion computer system acquired from SolarWinds, about 18,000 installed updates sent with the malicious code. They were all exposed to the hackers.
Among them were a number of top American government and non-governmental organizations.
The Pentagon, the Department of Homeland Security, the State Department, the Department of Energy, the National Nuclear Security Administration (Energy and Nuclear Safety Authority) and the Treasury have been identified as key government agencies that were targeted by the hackers. The seriousness of the attack can be understood just by looking at these institutions.
Private companies such as Microsoft, Cisco, Intel and Deloitte were also affected. The victims also include government hospitals in California and Kent State University.
As we discussed earlier, the affected organizations continued their normal operations for months after the attack, not knowing that they had been hacked.
There are usually two countries that the US government blames for such an attack. One is China. The other country is Russia. The United States has blamed Russia's foreign intelligence service for the attack. The agency has previously been accused of hacking the White House and several other government agencies.
Russia has denied the allegations, and Donald Trump has blamed China. However, new President Joe Biden has said that this was done by a group of Russian hackers. Both Microsoft and FireEye, which revealed the attack, later said after an investigation that Russia was responsible for the attack.
Computer experts say the damage from the attack can take years to repair and can cost a fortune.
Also, the influence of the relevant hackers has not stopped yet. They are this month