Hackers first accessed SolarWinds in September 2019 and went to great lengths not to be detected by the company’s software development and build teams, the company’s new CEO said.
“The SUNBURST attack appears to be one of the most complex and sophisticated cyberattacks in history,” wrote Sudhakar Ramakrishna in a blog post on Monday. “We understand that the software development and creation process used by SolarWinds is common across the software industry. We believe that sharing this information openly will help the industry protect itself from similar attacks in the future.”
Hackers went to great lengths to ensure that their code was properly inserted and undetected, while prioritizing operational security to avoid SolarWinds developers revealing their presence, CrowdStrike wrote in a separate blog post on Monday. SolarWinds is working with CrowdStrike, KPMG, its legal advisor DLA Piper, and other industry experts to conduct a root cause analysis of the attack.