We already know that last week the IT management company SolarWinds was hacked, possibly by the Russian government, and the US Treasury, Commerce, State, Energy, and Homeland Security departments have been affected. Later investigations revealed that other government agencies and many companies are still identifying the data which was stolen.
The investigation revealed that most of the tech companies were also infected by hackers. Tech giants like Cisco, Intel, Nvidia, Belkin, and VMware have all had computers on their networks infected with the malware.
SolarWinds had stated that “fewer than 18,000 companies were impacted” and that it even attempted to hide the list of clients who used the infected software. All these tech companies are just repeating the same thing from day one. “we’re investigating, but we don’t think this has impacted us.” It can take a long time for the impacts of a hack to be fully realized. Once hackers are inside a system, it can also be difficult to tell if they’re fully gone.
The hacking groups target the tech companies to target future product plans or employee and customer information that could be sold or held for ransom. But it’s also possible these companies were only collateral damage as these hacking groups went after government agencies, ones that happened to share the same SolarWinds-provided IT management systems.
For now, the tech companies don’t seem like any of these companies are particularly worried. In truth, the companies may not have the least bit of care, but it is the user’s data that is vulnerable.