Security News This Week: Russia’s SolarWinds Hack Is a Historic Mess

WIRED

Photograph: Sergio Flores/Reuters

Normally we use this space to round up the biggest stories from all reaches of the cybersecurity world. This week, we’re making an exception, because there’s really only one story: how Russia pulled off the biggest espionage hack on record.

Russia’s hack of IT management company SolarWinds began as far back as March, and it only came to light when the perpetrators used that access to break into the cybersecurity firm FireEye, which first disclosed a breach on December 9. Since then, a cascading number of victims have been identified, including the US Departments of Sate, Homeland Security, Commerce, and the Treasury, as well as the National Institutes of Health. The nature of the attack—and the tremendous care taken by the hackers—means it could be months or longer before the extent of the damage is known. The impact is already devastating, though, and it underscores just how ill-prepared the US was to defend against a known threat—and to respond. It’s also ongoing. 

And there’s so much more. Below we’ve rounded up the most important SolarWinds stories so far from around the internet. Click on the headlines to read them, and stay safe out there.

Full article