back to article SEC still digging into SolarWinds fallout, nudges undeclared victims

US markets watchdog the Securities and Exchanges Commission (SEC) has begun a probe into last year's SolarWinds cyberattack, in a bid to find out who else might have been compromised. Unnamed sources familiar with the investigation have told Reuters the US financial regulator recently sent out letters to businesses seeking …

  1. AW-S

    Team of 1000

    "and said his firm's analysis suggested the code behind the crack was the work of 1,000 or more developers"

    I'm still not buying this. 1,000 is far too many people to pull this off.

    1. Pascal Monett Silver badge

      Re: Team of 1000

      Could be possible if you farm out the jobs in slices, keep the big picture to yourself and keep the teams from communicating with each other.

      But that would require KGB-levels of team management and having one crack group putting all the pieces together properly.

      Still, not impossible.

      1. Mark 32

        Re: Team of 1000

        The report indicated that the signatures of 1,000 coders were detected in the malicious code, which when I read it, I was intrigued to understand how that number can be determined. Given that it was reported that 4,000 odd lines of code in the compromised DLL and then whatever the code size is for the injected payload following the call to the command control.

        This is part of the evidence of state sponsorship, which if indeed 1,000 coders were involved could only be the case, as that level of organisation simply would not happen in a private hacking group.

        1. SotarrTheWizard

          Re: Team of 1000

          . . . or that there was a lot of copy-pasta of stolen code in the exploit. . .

    2. TVC

      Re: Team of 1000

      If it was a government agency then, probably, 998 thought about and discussed it and 2 wrote the actual code.

      1. Michael Wojcik Silver badge

        Re: Team of 1000

        Hey, man, be cool. Meetings don't fill themselves.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like