SolarWinds hack in 2020: US Department of Justice knew 6 months in advance


Level 74
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
Does anyone remember the supply chain attack on SolarWinds' Orion software in 2020? That sent shockwaves through the IT landscape as masses of IT systems were hacked. Now it comes out that the US Department of Justice noticed the incident in its own networks six months before the whole thing became public, but failed to recognize the explosive nature of it. Even bigwigs like Microsoft, Mandiant and SW, who were called in, looked at the incident at SolarWinds without immediately realizing its explosive nature. This allowed the attackers to inspect the compromised systems for months.

I had reported extensively here on the blog about the SolarWinds hack of the Orion software, see the post FireEye hacked, Red Team tools stolen and the posts linked at the end of the article. Many U.S. government agencies also had their IT systems infiltrated by the Russian attackers (see US Treasury and US NTIA hacked). The whole thing started from a supply chain attack on SolarWinds Orion software, which was used in many companies.

The following tweet now reveals that the US Department of Justice, as well as big names like Microsoft, Mandiant or SW, looked at the incident without really recognizing its explosive nature. The IT specialists had seen signs of an intrusion into the IT systems. But it wasn't until six months later that there was a disclosure from Mandiant about the attackers' campaign. Wired uncovered this story in the article The DOJ Detected the SolarWinds Hack 6 Months Earlier Than First Disclosed.


Level 78
Top Poster
Mar 29, 2018
This in particular stands out:
In July 2020, with the mystery still unsolved, communication between investigators and SolarWinds ended. A month later, the DOJ bought the Orion system, indicating that the agency was convinced that there was no further threat from the Orion suite, the sources said.
Wow! o_O
