Denmark’s Central Bank hacked through SolarWinds vulnerability

Cybersecurity specialists report that the Denmark Central Bank IT  systems were compromised during SolarWinds’ supply chain attack a few months ago, allowing threat actors to leave a persistent backdoor for more than half a year.

The hacking group behind the attack on SolarWinds, allegedly sponsored by the Russian government, used highly sophisticated code to modify an update to the SolarWinds Orion network management software, which was downloaded about 18 thousand times by system administrators worldwide.

Thanks to this malicious update, hackers could use SolarWinds to enter a network and then create a backdoor that would guarantee them continuous access to compromised resources.

The backdoor remained on the Danish bank’s networks for more than seven months, until it was detected by experts from security firm Fire Eye. This is a worrying fact since the Central Bank manages transactions for billions of dollars on a daily basis, although a representative assures that so far no real impact has been detected derived from this incident.

Although an additional statement has been requested from SolarWinds, the company has not commented on this new report.

Microsoft’s current president has repeatedly described this incident as “the largest and most sophisticated attack ever recorded,” which appears to have been confirmed after the company concluded its investigation into the SolarWinds Orion engagement.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.