When the cybersecurity firm FireEye disclosed that it had been hacked and that its security testing tools had been stolen, it uncovered something much larger. Spyware implanted in Orion, an IT-management and security platform used by a majority of U.S. governmental and private institutions, had infected its system.
SolarWinds, the company behind the Orion platform, had been hacked a year earlier, and its product update for Orion had been laced with spyware. The update had reached not only thousands of SolarWinds corporate customers but also a trove of high-ranking U.S. institutions such as the Treasury, the State Department, and the Department of Homeland Security.
The sophistication of the intrusion, and the fact that it went undetected for so long, suggested that a nation-state was behind it. In early January, U.S. intelligence agencies were blaming Russia for the intrusion, narrowing it down to the hacking group APT29, aka “Cozy Bear”.
In this infographic, we will break down how the hack of the century happened, who was involved, and what the fallout will be.