5 Security Vendors That Have Reported Cyberattacks Since December
Five cybersecurity vendors disclosed in recent weeks that hackers have attacked their internal systems, compromised their certificates or attempted to access their email accounts. Here’s a rundown of what happened when.
The Dominoes Keep Falling
An unprecedented number of cybersecurity vendors have disclosed in recent weeks that sophisticated hackers have attacked their internal systems, compromised their certificates or attempted to access their email accounts. Many of the attacks have been linked to the colossal SolarWinds campaign, where Russian hackers for months injected malicious code into the SolarWinds Orion network monitoring tool.
“This attack is much broader than SolarWinds, and I expect more companies will come forward soon,” Malwarebytes CEO Marcin Kleczynski wrote on Twitter Tuesday.
Microsoft was a common vector in many of the intrusions, with hackers attempting to hack one cybersecurity vendor through a Microsoft’s reseller Azure account to read the vendor’s Office 365 emails. Hackers gained access to internal company emails stored in Microsoft Office 365 for a second vendor and compromised a certificate used to authenticate several of a third vendor’s tools to Microsoft 365.
Here’s a rundown of how threat actors attempted to compromise five security vendors over the past seven weeks and what damage they were able to inflict.