SolarWinds Attackers Spent Months in Corporate Email System: Report
SolarWinds' CEO says evidence indicates attackers lurked in the company's Office 365 email system for months ahead of the attack.
As SolarWinds continues to investigate a cyberattack that led it to distribute infected software updates to thousands of organizations around the world, new evidence indicates that attackers were present in its Office 365 email system for months, The Wall Street Journal reports.
In an interview this week, newly appointed SolarWinds CEO Sudhakar Ramakrishna said the attackers compromised some employee email accounts, which led them to then compromise other email accounts and, as a result, its broader Office 365 environment.
SolarWinds is still working to determine how and when attackers first breached its internal network, the report states, noting at least one Office 365 account was accessed by December 2019. It is possible attackers compromised Office 365 accounts even earlier and used this as a foothold to get into the company, Ramakrishna said, though this is only one of many potential scenarios.
Since taking the role of CEO, Ramakrishna has hired outside experts to aid in breach recovery including former US cybersecurity official Chris Krebs and former Facebook security chief Alex Stamos, who recently teamed up to form a consulting business. Under his leadership, the company has also changed its software development processes, the report states.
Read the full WSJ report for more information.
About the Author
You May Also Like
Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024The Unreasonable Effectiveness of Inside Out Attack Surface Management
Dec 4, 2024