Analysis & Opinions - The New York Times

Why Was SolarWinds So Vulnerable to a Hack?

| Feb. 23, 2021

It's the economy, stupid.

Early in 2020, cyberspace attackers apparently working for the Russian government compromised a piece of widely used network management software made by a company called SolarWinds. The hack gave the attackers access to the computer networks of some 18,000 of SolarWinds's customers, including U.S. government agencies such as the Homeland Security Department and State Department, American nuclear research labs, government contractors, IT companies and nongovernmental agencies around the world.

It was a huge attack, with major implications for U.S. national security. The Senate Intelligence Committee is scheduled to hold a hearing on the breach on Tuesday. Who is at fault?

The U.S. government deserves considerable blame, of course, for its inadequate cyberdefense. But to see the problem only as a technical shortcoming is to miss the bigger picture. The modern market economy, which aggressively rewards corporations for short-term profits and aggressive cost-cutting, is also part of the problem: Its incentive structure all but ensures that successful tech companies will end up selling unsecure products and services....

For more information on this publication: Belfer Communications Office
For Academic Citation: Schneier, Bruce.“Why Was SolarWinds So Vulnerable to a Hack?.” The New York Times, February 23, 2021.

The Author