Denmark’s central bank exposed in SolarWinds hack: ReportPosted On: Jun. 29, 2021 10:34 AM CST
(Reuters) — Denmark's central bank was compromised in last year's global SolarWinds hacking operation, leaving a “backdoor” to its network open for seven months, IT media Version2 reported Tuesday, citing documents related to the case.
The hackers, accused by the United States of working for Russian intelligence, were unusually sophisticated and modified code in SolarWinds network management software that was downloaded by 18,000 customers around the globe.
The attackers could use SolarWinds to get inside a network and then create a backdoor for potential continued access.
Such a backdoor stood open at the Danish central bank for seven months until it was discovered by U.S. security company Fire Eye, Version2 said, citing various documents it obtained under a freedom of information request.
The central bank, which manages transactions worth billions of dollars each day, said in an emailed comment to Reuters that there were “no signs that the attack had any real consequences.”
“The SolarWinds attack also hit the financial infrastructure in Denmark. The relevant systems were contained and analyzed as soon as the compromise of SolarWinds Orion became known,” it added.
SolarWinds did not immediately respond to an emailed request for comment.
The Russian government has denied involvement in the SolarWinds hack, which hit both companies and institutions worldwide, including nine U.S. federal agencies.
Microsoft, whose president has described the attack as “the largest and most sophisticated attack the world has ever seen,” said last week it had discovered a new breach as part of its probe of suspected SolarWinds hackers.