World

US SEC Reportedly Launches Probe Into Cyber Breach of SolarWinds

In a major cyberattack on SolarWinds in 2019, hackers managed to get access to the company's build system and distribute malicious code to its clients via updates to SolarWinds' software.
Sputnik

The US Securities and Exchange Commission has launched an investigation related to the SolarWinds cyberattack, which was first discovered in December 2020 and may have lasted for over a year, Reuters reported, citing two anonymous sources. The commission reportedly sent letters to the companies that were affected by the cyber breach at SolarWinds, notifying them about the ongoing probe.

According to Reuters' sources, the SEC is looking for details that could indicate insider trading and failure to disclose "failings" that may have taken place in these companies.

US investigators previously determined that a group of hackers managed to get access to a build system of SolarWinds as early as September 2019, planting malicious code in software updates for the company's products – specifically the network monitoring app Orion. Via these updates, the hackers managed to inject Trojans into the computers of around 18,000 SolarWinds clients using Orion, thereby giving the perpetrators access to the machines.

Microsoft Says Over 150 Entities Targeted by Hackers Responsible for SolarWinds Incident

The computers of numerous private companies, government agencies and departments, as well as American military branches were affected by the cyberattack. US authorities claimed that the hacker group was backed by the Russian government. Moscow strongly rejected the accusations, pointing out that Washington failed to present any tangible proof to back such claims.

Discuss