Security News > 2020 > December > SolarWinds Likely Hacked at Least One Year Before Breach Discovery
An analysis of the infrastructure and the malware involved in the attack targeting SolarWinds indicates that the Texas-based IT management and monitoring company was hacked at least one year prior to the discovery of the breach.
An analysis of the threat actor's infrastructure conducted by threat intelligence company DomainTools, which specializes in DNS and domain analysis, suggests that SolarWinds was breached at some point in 2019.
The actual breach of SolarWinds infrastructure likely took place before this date.
According to DomainTools, the attackers likely started infrastructure management and staging in December 2019 and in February 2020 they started operationalizing command and control domains.
"The SolarWinds intrusion was a long-planned event, occurring in distinct stages: supply chain breach, software modification testing, infrastructure development, then final deployment," explained Joe Slowik, senior security researcher at DomainTools.