As investigations continued into the massive data breach linked to Austin-based software company SolarWinds, experts say the attack could lead to long-term changes in cybersecurity policies and procedures for government entities and private companies alike.
News of the cyberattack broke on Dec. 13, with Reuters news service reporting that a sophisticated hacking group backed by a foreign government might have stolen information from U.S. government agencies, including email traffic. The breach appears to have affected nearly every level of government, as well as potentially hundreds of private companies. As many as 18,000 SolarWinds customers—out of a total of 300,000—might have been running SolarWinds software containing a vulnerability that allowed hackers to penetrate various networks. The Homeland Security Department's Cybersecurity and Infrastructure Security Agency has called the hack a grave risk to government and private networks, and experts say the damage will be difficult to detect and undo. So far, the investigation has revealed a number of high-profile targets of the attack, including the Department of Treasury, Homeland Security, the Department of Energy and Microsoft.
SolarWinds finds itself caught in the middle of an escalating cyberwar and a broader scale of supply chain attacks, in which another company could have just as likely ended up the target, Ives said. SolarWinds, which makes network and IT management software, has more than 3,000 global employees. It was founded in 1999 and moved to Central Texas in 2006. The hackers are believed to have made their way into a number of systems by tampering with an update server of the SolarWinds network management systems. Through it, the hackers were able to gain remote access and insert malicious code that hitched a ride on a software update. SolarWinds has released a number of software updates to patch the problem. Reuters also reported a possible second breach around the same time in the SolarWinds system, which also has since been patched. In a written statement, the company said it is working closely with federal law enforcement and intelligence agencies to investigate the attack and whether it was backed by a foreign government. The company said it is also working with third-party cybersecurity experts.
The attack could have widespread implications for the cybersecurity industry at large, as companies and the government have become increasingly reliant on online and cloud systems. Gartner, an organization that researches technology industry trends, predicted cybersecurity spending would reach about $123.8 billion this year. Cybersecurity experts said it's not possible to fully know yet if all the hackers' access points have been removed from the systems they breached, on both the government and business level. The breach has renewed conversations about cybersecurity and better steps for transparency, security and securing networks. That includes supply chain security and making sure that when the government or large corporations acquire software or updates, there is increased transparency about what's in that software package, and having the ability to audit what's in there to ensure it hasn't been altered, he said. There's also a renewed focus on internal security programs.
https://techxplore.com/news/2021-01-solarwinds-breach-reshape-cybersecurity.html
Read Also:
News of the cyberattack broke on Dec. 13, with Reuters news service reporting that a sophisticated hacking group backed by a foreign government might have stolen information from U.S. government agencies, including email traffic. The breach appears to have affected nearly every level of government, as well as potentially hundreds of private companies. As many as 18,000 SolarWinds customers—out of a total of 300,000—might have been running SolarWinds software containing a vulnerability that allowed hackers to penetrate various networks. The Homeland Security Department's Cybersecurity and Infrastructure Security Agency has called the hack a grave risk to government and private networks, and experts say the damage will be difficult to detect and undo. So far, the investigation has revealed a number of high-profile targets of the attack, including the Department of Treasury, Homeland Security, the Department of Energy and Microsoft.
SolarWinds finds itself caught in the middle of an escalating cyberwar and a broader scale of supply chain attacks, in which another company could have just as likely ended up the target, Ives said. SolarWinds, which makes network and IT management software, has more than 3,000 global employees. It was founded in 1999 and moved to Central Texas in 2006. The hackers are believed to have made their way into a number of systems by tampering with an update server of the SolarWinds network management systems. Through it, the hackers were able to gain remote access and insert malicious code that hitched a ride on a software update. SolarWinds has released a number of software updates to patch the problem. Reuters also reported a possible second breach around the same time in the SolarWinds system, which also has since been patched. In a written statement, the company said it is working closely with federal law enforcement and intelligence agencies to investigate the attack and whether it was backed by a foreign government. The company said it is also working with third-party cybersecurity experts.
The attack could have widespread implications for the cybersecurity industry at large, as companies and the government have become increasingly reliant on online and cloud systems. Gartner, an organization that researches technology industry trends, predicted cybersecurity spending would reach about $123.8 billion this year. Cybersecurity experts said it's not possible to fully know yet if all the hackers' access points have been removed from the systems they breached, on both the government and business level. The breach has renewed conversations about cybersecurity and better steps for transparency, security and securing networks. That includes supply chain security and making sure that when the government or large corporations acquire software or updates, there is increased transparency about what's in that software package, and having the ability to audit what's in there to ensure it hasn't been altered, he said. There's also a renewed focus on internal security programs.
https://techxplore.com/news/2021-01-solarwinds-breach-reshape-cybersecurity.html
Read Also:
- https://isxys.blogspot.com/2020/12/how-bad-is-hack-that-targeted-us.html
- https://isxys.blogspot.com/2020/12/blog-post_18.html
- https://isxys.blogspot.com/2020/12/us-massive-hacker-attack-triggers.html
- https://www.secnews.gr/309599/solarwinds-proslamvanei-chris-krebs-alex-stamos-meta-to-hack/
- https://www.secnews.gr/309732/solarwinds-brethike-trito-malware-xrhsimopoihthike-epithesi/
No comments :
Post a Comment