From UPSC perspective, the following things are important :
Prelims level : SolarWinds Hack
Mains level : Cyber attacks and the treats posed to national security
The ‘SolarWinds hack’, a cyberattack recently discovered in the US, has emerged as one of the biggest ever targeted against the US government, its agencies and several other private companies.
Do you know about the ‘Five Eyes’ group of nations?
- It was first discovered by US cybersecurity company FireEye, and since then more developments continue to come to light each day.
- The US termed it as a highly sophisticated threat actor calling it a state-sponsored attack, although it did not name Russia.
- It said the attack was carried out by a nation with top-tier offensive capabilities and the attacker primarily sought information related to certain government customers.
How dangerous is the attack?
- This is being called a ‘Supply Chain’ attack.
- Instead of directly attacking the federal government or a private organization’s network, the hackers target a third-party vendor, which supplies software to them.
- Once installed, the malware gave a backdoor entry to the hackers to the systems and networks of SolarWinds’ customers.
- More importantly, the malware was also able to thwart tools such as anti-virus that could detect it.
The deadliest cyber-attack ever in the US
- The US Energy department which is responsible for managing America’s nuclear weapons is the latest agency to confirm that it has been breached in the SolarWinds cyber attack.