Cyber defenders sound the alarm as F5 hack exposes broad risks

WASHINGTON, Oct 20 (Reuters) – A more than year-long digital intrusion into cybersecurity company F5 (FFIV.O), publicized last week and blamed on Chinese spies, has defenders across the industry hunting for signs of compromise among the many corporate networks that use its products.

Several worry that more disclosures are coming. So far, little is known about the scope of the hack beyond statements from F5 that its source code and sensitive information about software vulnerabilities were stolen. The company’s website says it serves more than four in five Fortune 500 companies in some capacity, and U.S. officials have said that federal networks were among those targeted in the hack’s aftermath and have urged immediate action. That extensive presence alone has triggered widespread unease. F5’s stock tumbled 12 percent last Thursday, the day it published a host of fixes for previously vulnerable products, although it rebounded slightly by the end of the week. Several cybersecurity executives and analysts compared the hack at F5 to the extraordinary intrusion at the software company SolarWinds discovered in December 2020.

That company, whose Orion software was used for network monitoring, became the unwitting springboard into a number of highly sensitive networks after its source code was tampered with. Around a dozen government departments were eventually breached in the wide-ranging spy operation. Just like SolarWinds, which was little known in the consumer market before the hack, F5 has a host of tech equipment and services – load balancers, content delivery networks and firewalls – that typically play low-profile but critical roles in directing, managing and filtering organizations’ internet traffic. “I’m not equating this to the SolarWinds attack, but I’m equating it to the fact that people never hear of it, but it’s in everybody’s network,” said Michael Sikorski, the chief technology officer at Palo Alto Networks’ threat intelligence-focused Unit 42.

Source: Reuters