Does anyone remember the supply chain attack on SolarWinds' Orion software in 2020? That sent shockwaves through the IT landscape as masses of IT systems were hacked. Now it comes out that the US Department of Justice noticed the incident in its own networks six months before the whole thing became public, but failed to recognize the explosive nature of it. Even bigwigs like Microsoft, Mandiant and SW, who were called in, looked at the incident at SolarWinds without immediately realizing its explosive nature. This allowed the attackers to inspect the compromised systems for months.
I had reported extensively here on the blog about the SolarWinds hack of the Orion software, see the post
FireEye hacked, Red Team tools stolen and the posts linked at the end of the article. Many U.S. government agencies also had their IT systems infiltrated by the Russian attackers (see
US Treasury and US NTIA hacked). The whole thing started from a supply chain attack on SolarWinds Orion software, which was used in many companies.
The following
tweet reveals now that the US Department of Justice as well as big names like Microsoft, Mandiant or SW looked at the incident without really recognizing its explosive nature. The IT specialists had seen signs of an intrusion into the IT systems. But it wasn't until six months later that there was a disclosure from Mandiant about the attackers' campaign. Wired uncovered this story in the article
The DOJ Detected the SolarWinds Hack 6 Months Earlier Than First Disclosed.
