Artificial Intelligence: Open Season On SolarWinds; There Was A Second (Chinese?) Attack
Sources told Reuters that a Chinese group launched a second attack on SolarWinds.
It is now clear the much-publicized, allegedly Russian hack on beleaguered US IT company SolarWinds (NYSE: SWI) in December was not the only one. According to a Reuters report, suspected Chinese hackers also had a go at the company. They succeeded in breaching computers at the National Finance Center and other U.S. government agencies. (CRN)
Dangerous implications
Investigators fear that the hackers may have got their hands on confidential data relating to thousands of government employees.
According to Reuters, the hacker group exploited a flaw in Orion’s code to help spread across networks they had already compromised. They could, therefore, add malicious Supernova code to the Orion software in the customer’s network.
A former government official said the fallout from this attack could be massive.
According to ThreatPost, SolarWinds discovered this second breach in December. Microsoft (NASDAQ: MSFT) said at the time that the malware did not match the fingerprints of the Russian-originated Sunburst supply chain attack. Microsoft, therefore, concluded that the second attack could be the handiwork of a different group.
SolarWinds: Microsoft warning on AI and “guns for hire” hackers
Brad Smith, President of Microsoft, commented on the supply chain attack in a blog post on December 17.
“These types of sophisticated nation-state attacks are increasingly being compounded by another technology trend, which is the opportunity to augment human capabilities with artificial intelligence (AI).”
“One of the more chilling developments this year has been what appears to be new steps to use AI to weaponize large stolen datasets about individuals and spread targeted disinformation using text messages and encrypted messaging apps.”
“We should all assume that, like the sophisticated attacks from Russia, this too will become a permanent part of the threat landscape.”
Smith also drew attention to another looming threat. He said a new generation of private companies was proliferating with the brief to launch cyberattacks. These entities were a kind of 21st-century mercenaries, he added.
Furthermore, this sinister group is large enough to be labeled as “private sector offensive actors,” or PSOAs. This is a dangerous development according to Smith.
“An industry segment that aids offensive cyberattacks spells bad news on two fronts. First, it adds even more capability to the leading nation-state attackers, and second, it generates cyberattack proliferation to other governments that have the money but not the people to create their own weapons. In short, it adds another significant element to the cybersecurity threat landscape.”
Related Story: SolarWinds Attack More Widespread Than Thought
Latest Alternative Investment News
Artificial Intelligence: AMD Takes On Rivals In The AI Chip Sweepstakes
Chipmaker AMD (NASDAQ: AMD) has unveiled a range of innovative AI solutions spanning from data centers to personal computers. The AMD Instinct MI300 Series features data center AI accelerators, while…
Digital Assets: Robinhood Debuts Crypto Trading On Its App In The EU
Robinhood (NASDAQ: HOOD) has launched its Crypto app in the European Union (EU), allowing eligible customers to engage in crypto trading with the added incentive of earning Bitcoin rewards. Customers…
FinTech: Samsung Electronics Ties With Mastercard’s Wallet Express
Samsung Electronics (KRX: 005930) and Mastercard (NYSE: MA) have partnered to launch the Wallet Express program, offering banks and card issuers a cost-effective way to expand digital wallet offerings. Through…
Venture Capital: Revaia, Europe’s Biggest Female-Led VC Firm, Racks Up $160M For Second Fund
Revaia, Europe’s largest female-founded venture capital firm, has successfully raised €150 million ($160 million) for its second fund, Revaia Growth II. The funding was secured from sovereign wealth funds, family…