The massive SolarWinds hack: What happened, and what it means for U.S. cyber security

By KYW Newsradio

U.S. authorities are sounding the alarm about a large-scale hack into computer systems around the world.

Officials suspect the cyber attack was carried out by Russian hackers.

We are still learning about the damage caused by what is being called the "SolarWinds hack."

Dr. Jason Thatcher, the Milton Stauffer professor of information systems at the Fox School of Business at Temple University, explained what is known about what happened.

"We know a team of what we call 'black hat' hackers, probably working for a national government," he said, "inserted a sliver of code, called malware, into a software company called SolarWinds, which offers a suite of tools which are used by most of the Fortune 500, all top 10 U.S. telecoms, all five branches of the U.S. military, the Pentagon, the State Department, NASA..."

The list of high-profile customers goes on, all the way to the Oval Office.

"What that code does is it sits on somebody's server for about two weeks, quietly, until it's activated. And then, when it's activated, it gives you access to the system, such that you can start pulling out data, you can make changes in the system quite innocuously," Thatcher continued.

What makes the malware particularly insidious, he said, is that it is made to look authentic.

"Where it was uploaded to is a secured digital repository, where only the real code sits. It looks authentic. It gets signed by SolarWinds like it's authentic. And then it gets pushed out to all these people."

Listen to the original podcast KYW In Depth on the RADIO.COM app or wherever you get your podcasts.
