See this Forbes article, "SolarWinds Cyber Attacks Raise Questions About The Company’s Security Practices And Liability."
It is a bit technical, but you can follow the gist of the issue and how the Russians wormed their way into the computers of many hundreds if not thousands of government agencies and businesses. Big businesses, too!
Here's the kicker from the article, "The malware is highly sophisticated, and companies will have a difficult time ensuring that it has been fully eradicated from systems that downloaded it. The thousands of public and private sector entities that were impacted by this attack will only be able to determine what data was exfiltrated or compromised and assess what collateral damage may occur as a result if they have maintained and secured system logs at least back to March 2020."
What this means is "the hack is still ongoing!" Yikes! If you don't think it touches emergency managers, just last week the Emergency Management Institute's (EMI) system was not online for remote learning/self-paced instruction. A cybersecurity professional I spoke to on Friday thought it was likely from this hacking event.
