Case study 1: the SolarWinds hack

An overview of the SolarWinds hack case study.

In the recent past, hardly a month has gone by without news of a cyber attack on major companies, including those in the critical infrastructure sector. However, it is rare to have an attack on a company’s information systems that has affected many other companies associated with it.

The attack on SolarWinds’ systems substantially impacted the reliability of its customers’ systems, including those of the United States government and its agencies. These included high-profile US agencies such as the Department of Homeland Security, the National Nuclear Security Administration, and the Department of Energy. The attack also impacted private corporations, including technology leaders such as Cisco, Intel, Microsoft, and Deloitte.

SolarWinds is a US-based IT company specialising in developing management software for businesses and government agencies. Because its customers are businesses and government agencies, any attack on its systems was more likely to have a catastrophic flow-on effect beyond SolarWinds’ own assets and reputation.

Here’s an overview of how the cyber attack occurred:

“The attackers only needed to get around SolarWinds’ cybersecurity. They then added malicious code to one of the company’s most used software services, Orion. The hacking incident was stealthy and non-destructive, allowing it to slip under SolarWinds’ security safeguards and controls and stay there for months. The code spread itself to other clients by hitching a ride on one of the regular software updates that SolarWinds sends out to its clients. As a result, the malicious code set up a backdoor for the hackers, allowing them to install even more invasive malware, spy on their targets, and leak any information they deemed important.” (Ot, 2021)

This type of attack is commonly known as a “supply chain attack”: the malware was placed inside routine software updates, so it was distributed to SolarWinds customers through a legitimate channel, stealthily and without being stopped by security safeguards.

Want to know more?

Read this article for further details on the SolarWinds cyber attack that affected the Orion IT monitoring and management software:

Oladimeji, S and Kerner, SM 2022, SolarWinds hack explained: Everything you need to know, TechTarget, 29 June 2022.

© RMIT 2023
This article is from the free online

Security by Design

Created by
FutureLearn - Learning For Life
