The advanced hack via tools from SolarWinds would then have led to a hack at far fewer companies than first thought. The company concludes after months of research.
The SolarWinds hack became known at the end of 2020. The supplier of network monitoring tools, among other things, was manipulated by hackers so that updates to its Orion software were provided with a back door. That update was sent out between March and June 2020 to customers who installed the update, and therefore that back door. For example, hackers could easily break into American government agencies, among others.
The damage seemed very significant. SolarWinds itself indicated that some eighteen thousand customers were potentially vulnerable. Some companies in Belgium also use the software, so updating quickly was the message, but whoever did it may have already been hacked and still vulnerable.
After investigating, the company can state that certain groups of customers were never infected anyway because customers did not ultimately install the update or because it was installed in environments that were not directly connected to the Internet.
SolarWinds does not know the exact number itself, but statistical analysis comes to the number of less than a hundred victims.
In the margins of the investigation, the company also states that the perpetrators already carried out a test in October 2019, months before manipulating the update. The company also examined its other products but found no attempts at manipulation there.
English