The Story Behind The SolarWinds Cyberattack

Consider This from NPR

NPR

News, Society & Culture, Daily News, News Commentary

4.2 • 6.2K Ratings

🗓️ 23 April 2021

⏱️ ? minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Last year, hackers believed to be directed by the Russian intelligence service, the SVR, slipped a malicious code into a routine software update from a Texas- based company called SolarWinds. They then used it as a vehicle for a massive cyberattack against America and successfully infiltrated Microsoft, Intel, Cisco and other companies, and federal agencies including the Treasury Department, Justice Department, Energy Department and the Pentagon.

The Biden administration recently announced a roster of tough sanctions against Russia as part of what it characterized as the "seen and unseen" response to the SolarWinds breach.

NPR investigative correspondent Dina Temple-Raston has spent months examining the landmark attack that — based on interviews with dozens of players — reveals a hack unlike any other.

In participating regions, you'll also hear from local journalists about what's happening in your community.

Email us at considerthis@npr.org.

See pcm.adswizz.com for information about our collection and use of personal data for sponsorship and to manage your podcast sponsorship preferences.

NPR Privacy Policy

Transcript

Click on a timestamp to play from that location

0:00.0	One Friday late last year, Kevin Mandia was scanning his schedule.
0:05.2	And he didn't know it then, but he was about to kick off one of the biggest cyber
0:09.2	espionage stories in recent memory.
0:11.4	It just appeared on my calendar.
0:12.7	It was one of those events where I just looked down what's next.
0:15.1	Oh, in five minutes, I have a security brief.
0:16.8	Mandia is the CEO of the cybersecurity firm FireI.
0:20.8	And that briefing was about a suspicious incident.
0:24.9	I would say about 10 minutes into it.
0:27.2	I felt we had a problem.
0:28.4	Here's what happened.
0:29.8	The company uses two factor authentication to protect its network.
0:33.6	Maybe you know it from your email or bank account.
0:36.0	Just like everybody, we had six digits pushed to our cell phones.
0:39.8	When we're logging into network resources remotely, they send a code to your phone
0:44.4	that you need in addition to your password to log in.
0:47.4	The FireI security team noticed that one of these codes was sent to a newly registered phone.
0:53.3	So they called up that employee.
0:55.0	And the gentleman said, no, I did not register that phone.
0:58.6	So who did?
1:00.0	This was bad.
1:00.8	It felt like it was time to brace for impact.
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from NPR, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of NPR and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.