dark reading threat intel and cybersecurity news

The Wall Street Journal identified 24 businesses so far that have downloaded the SolarWinds software infected with malicious code.

A new Wall Street Journal analysis began to name some of the organizations affected in a major cyber-espionage campaign conducted by suspected Russian nation-state attackers. The victims include major US technology and accounting firms, a university, and at least one hospital.

Companies affected include Cisco, Intel, Nvidia, VMware, Deloitte, and Belkin International, in addition to California Department of State Hospitals and Kent State University, the WSJ found. Analysis revealed infected machines at 24 organizations that downloaded infected versions of SolarWinds Orion network management software, which had a backdoor installed in a routine update.

Cisco detected the malicious software on some employee systems and lab systems; so far, it says there is no effect on its products or services. Intel is investigating and has said there is no indication attackers accessed its network. Similarly, the other organizations affected confirm they detected the infected software but there is no indication attackers have exploited it.

The 24 companies identified here mark just a small number of the some 18,000 organizations that may have been affected in the massive supply chain attack, news of which broke last week.

Read the full WSJ analysis here.

Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio