Analysis: eavesdropping on high-value targets is labour intensive so hackers may not have made most of access
If there is one silver lining to the months-long global cyber-espionage campaign discovered when a prominent cybersecurity firm learned it had been breached, it might be that the sheer numbers of potentially compromised entities offers them some protection.
By compromising one piece of security software – a security tool called Orion developed by the Texan company SolarWinds – the attackers gained access to an extraordinary array of potential targets in the US alone: more than 425 of the Fortune 500 list of top companies; all of the top 10 telecommunications companies; all five branches of the military; and all of the top five accounting firms.
