SolarWinds calls for vigilance as it recovers from devastating cyber attack
US software business SolarWinds has made a good recovery after last year’s cyber attack but said its experience should serve as a warning to other companies to remain vigilant amid a rise in hacking campaigns.
The company called for measures to streamline infrastructure and develop a culture of security to at least detect, if not fully prevent, cyber attacks.
It said not doing so can result in potentially significant financial and reputational damages.
“If threat actors are patient and thoughtful, they can get a larger payday from a cyber crime perspective and can boast they got the job done,” chief security officer Tim Brown told The National.
“We need to out-think them, learn what their patterns and activities are, and what they are after.”
Texas-based SolarWinds serves more than 300,000 companies in 190 countries, including important US government entities and almost all Fortune 500 businesses.
It was among a number of companies breached in the cyber attack that came to light in December after going undetected for a year.
The growing threat of similar supply-chain attacks is expected to worsen.
Considered one of the worst cyber espionage cases, the attackers exploited the software credentials of SolarWinds and other US companies such as Microsoft and VMware.
Their credentials were used to hack into several American federal departments such as defence, state, homeland security, treasury and commerce, as well as the UK government, the European Parliament and Nato.
US intelligence agencies said the culprit was a group backed by the Russian government.
Phishing, the practice of sending emails purportedly from reputable companies to trick recipients into revealing personal and sensitive information, significantly increased after the onset of Covid-19.
Seven in 10 respondents in a SophosLabs survey reported an increase in the number of attacks.
All sectors were affected, with central government experiencing the highest increase in attacks (77 per cent), followed by business and professional services (76 per cent) and health care (73 per cent).
However, the incident did little to dent SolarWinds’ profits.
For the first quarter ending March 31 this year, the company posted revenue of $256.9 million, up 4 per cent from a year ago but down 3 per cent from the preceding quarter’s $265.3m.
It rebounded by about 2 per cent to $262m during the second quarter.