In December 2020, the SolarWinds cyberattack made headlines around the world as it was discovered that a sophisticated attack had compromised the software supply chain of SolarWinds, a Texas-based IT company. The cyberattack resulted in the breach of several government agencies and private companies in the United States. While the investigation into the cyberattack is still ongoing, Secureworks, a cybersecurity firm, recently revealed a potential connection between the SolarWinds cyberattack and a Chinese company.
Secureworks released a report detailing their findings, which suggests that a Chinese company named Spiral, also known as Hafnium, may have played a role in the SolarWinds cyberattack. The report claims that Spiral is a sophisticated cyber-espionage group that has been active since at least 2012 and has targeted organizations across the world, including those in the United States.
The report further details that Spiral has been known to use a tactic called “island hopping,” where they compromise a supplier’s network to gain access to the networks of their customers. This tactic is similar to the supply chain attack that was used in the SolarWinds cyberattack, which suggests that Spiral may have been involved in the attack.
While the report does not definitively prove that Spiral was responsible for the SolarWinds cyberattack, it does provide strong evidence linking the two. Furthermore, the report notes that Spiral has been linked to the Chinese government, which raises concerns about potential state-sponsored cyberattacks.
In response to the report, SolarWinds has stated that they are cooperating with law enforcement agencies and have implemented several security measures to prevent similar attacks in the future. The company has also advised its customers to update their software to the latest version to ensure they are protected from any vulnerabilities.
The potential connection between the SolarWinds cyberattack and a Chinese company highlights the increasing sophistication of cyber-espionage groups and the need for companies and organizations to remain vigilant and take appropriate measures to protect their networks. It also raises concerns about the potential for state-sponsored cyberattacks and the need for governments to work together to address this growing threat.