U.S. government agencies were not the only ones hit by a recent cyberattack thought to be carried out by Russian hackers, The Wall Street Journal reports.
According to an analysis of internet records, the Journal found that at least 24 organizations installed a SolarWinds software update laced with malicious code that gave hackers access to their systems via a backdoor.
To figure out what groups were hit and when, the Journal used digital clues from victim computers collected by threat-intelligence companies Farsight Security and RiskIQ. Decryption methods were used to reveal the identities of some of the servers that downloaded the malicious code.
Companies possibly impacted include: Cisco Systems Inc., chip makers Intel Corp. and Nvidia Corp., accounting firm Deloitte LLP, cloud-computing software maker VMware Inc., and Belkin International Inc., which sells home and office Wi-Fi routers and networking gear. The hackers also had access to the California Department of State Hospitals and Kent State University, according to the analysis.
SolarWinds said as many as 18,000 of its customers could have been hit by the attack. Hackers placed malicious code in a routine software update, according to the company.
SolarWinds told the outlet that it traced activity from the hackers back to October 2019. An investigation into the attack is underway with assistance from security companies, law enforcement, and intelligence agencies. Most of the targeted companies say they have not seen any negative impact from the hack.
A Cisco spokesman said the company found the malicious software on some employee systems and a small number of laboratory systems. “At this time, there is no known impact to Cisco offers or products,” a company spokesman said.
The Journal reported that Intel downloaded and ran the tainted software. A spokesman said it has not found any evidence that the hackers used the backdoor to access the company’s network.
Deloitte, which according to the analysis was hit with the bad software in late June, said it hasn’t “observed indications of unauthorized access to our systems at this time.”
A VMware spokesman said the company found “limited instances” of the malicious software in its systems, but its “internal investigation has not revealed any indication of exploitation.”
A Belkin spokeswoman said there “has been no known negative impact identified to date.” A Nvidia spokesman said the company is still conducting its investigation but has “no evidence at this time” that Nvidia was adversely affected.
Marisa Herman ✉
Marisa Herman, a Newsmax senior reporter, focuses on major and investigative stories. A University of Florida graduate, she has more than a decade of experience as a reporter for newspapers, magazines, and websites.
© 2024 Newsmax. All rights reserved.