This blog and the associated GitHub repository discuss the SolarWinds hack.

Posts

  • US Government's attribution for the SolarWinds hack

    This post will summarize the US Government’s attribution for the SolarWinds hack based on information released by the US government and interpreted by third parties.

  • Zero Trust Recommendations

    In this post, we will summarize various organizations’ take on zero-trust as a mechanism to protect against hacks similar to the SolarWinds one.

  • Trustwave's News Timeline

    In this post, we will summarize news on the SolarWinds hack from Trustwave’s perspective.

  • Security Firms Attacked

    In this post, we document the list of security firms attacked by UNC2452. While many of these firms were breached, some were not.

  • Symantec's News Timeline

    In this post, we will summarize news on the SolarWinds hack from Symantec’s perspective.

  • Volexity's News Timeline

    In this post, we will summarize news on the SolarWinds hack from Volexity’s perspective.

  • Attacker List and Name Equivalences

    Different security companies refer to (presumably) the same attacker using their own naming scheme. In this post, we list the names used by security companies for the SolarWinds hack perpetrators, along with name equivalences where applicable.

  • How was Orion Compromised?

    In this post, we track news reports on Orion’s compromise.

  • US Federal Government Departments and Agencies Breached

    In this post, we document the list of US Federal agencies known to have been breached by the SolarWinds hack.

  • How was SolarWinds Breached?

    In this post, we track news reports on the actual breach of SolarWinds that allowed the attackers to implant SUNBURST into Orion.

  • FireEye Breach Discovery

    In this post, we document FireEye’s discovery of its breach.

  • CISA's News Timeline

    This post will summarize news on the SolarWinds hack from CISA’s (Cybersecurity and Infrastructure Security Agency) perspective.

  • Microsoft's News Timeline

    In this post, we will summarize news on the SolarWinds hack from Microsoft’s perspective.

  • SolarWinds' News Timeline

    In this post, we will summarize news on the SolarWinds hack from SolarWinds’ perspective.

  • FireEye's News Timeline

    In this post, we will summarize news on the SolarWinds hack from FireEye’s perspective.

  • Introduction to the SolarWinds Project

    The SolarWinds project seeks to analyze the 2020 SolarWinds hack. The SolarWinds hack appears to be a large-scale hack with several intertwined storylines. During this project, we will attempt to disentangle these storylines, create a picture of that which is known, and outline the unknowns.