Technology developed by SolarWinds is used by government organisations in the US including the military, space agency NASA, cyber intelligence agency, the NSA, and even by the office of the President. It is also used in the UK by the National Health Service, GCHQ and the Ministry of Defence.
Investors in SolarWinds, the US company whose network-monitoring software has been linked to the alleged hacks of US government departments sold $280 million in shares in the days leading up to the suspected attacks.
The share sales happened on 7 December when investor Silver Lake sold $158 million of shares and Thoma Bravo sold $128 million.
The investors said they were “not aware of this potential cyberattack at SolarWinds prior to entering into” the deal, reported the Washington Post.
On Sunday, the media reported that a “sophisticated” group of hackers – allegedly backed by a foreign government – had breached the networks of the US Treasury Department and National Telecommunications and Information Administration, with similar attacks reportedly targeting other government agencies. Hackers were able to spy on emails for months, Reuters reported.
The Cybersecurity and Infrastructure Security Agency (CISA), America’s top cybersecurity entity, issued an emergency directive asking all federal civilian agencies and their public and private partners to stop using products by SolarWinds, after the hack on the US Treasury.
On Wednesday, White House National Security Adviser Robert O’Brien cut short a diplomatic trip to Europe to return to the United States to deal with the incident.
Shares in SolarWinds, which is listed on the New York Stock Exchange, are down by 25 percent since the disclosures.
The UK’s National Cyber Security Centre is also investigating the breach, although no British government department has confirmed it has been affected.