Sources told Reuters that a Chinese group launched a second attack on SolarWinds.

It is now clear the much-publicized, allegedly Russian hack on beleaguered US IT company SolarWinds (NYSE: SWI) in December was not the only one. According to a Reuters report, suspected Chinese hackers also had a go at the company. They succeeded in breaching computers at the National Finance Center and other U.S. government agencies. (CRN)

Dangerous implications

Investigators fear that the hackers may have got their hands on confidential data relating to thousands of government employees.

According to Reuters, the hacker group exploited a flaw in Orion’s code to help spread across networks they had already compromised. They could, therefore, add malicious Supernova code to the Orion software in the customer’s network.

A former government official said the fallout from this attack could be massive.

According to ThreatPost, SolarWinds discovered this second breach in December. Microsoft (NASDAQ: MSFT) said at the time that the malware did not match the fingerprints of the Russian-originated Sunburst supply chain attack. Microsoft, therefore, concluded that the second attack could be the handiwork of a different group.

SolarWinds: Microsoft warning on AI and “guns for hire” hackers

Brad Smith, President of Microsoft, commented on the supply chain attack in a blog post on December 17.

“These types of sophisticated nation-state attacks are increasingly being compounded by another technology trend, which is the opportunity to augment human capabilities with artificial intelligence (AI).”

“One of the more chilling developments this year has been what appears to be new steps to use AI to weaponize large stolen datasets about individuals and spread targeted disinformation using text messages and encrypted messaging apps.”

“We should all assume that, like the sophisticated attacks from Russia, this too will become a permanent part of the threat landscape.”

Smith also drew attention to another looming threat. He said a new generation of private companies was proliferating with the brief to launch cyberattacks. These entities were a kind of 21st-century mercenaries, he added.

Furthermore, this sinister group is large enough to be labeled as “private sector offensive actors,” or PSOAs. This is a dangerous development according to Smith.

“An industry segment that aids offensive cyberattacks spells bad news on two fronts. First, it adds even more capability to the leading nation-state attackers, and second, it generates cyberattack proliferation to other governments that have the money but not the people to create their own weapons. In short, it adds another significant element to the cybersecurity threat landscape.”

Related Story:   SolarWinds Attack More Widespread Than Thought