Fitting for a tumultuous year, 2020 is coming to an end with a notable event in cyberspace: a massive cyber-attack.
What began as a nation-state hack of a leading IT cybersecurity firm, FireEye, has since unfolded into a massive cyber-attack hitting various parts of the U.S. government and private sector industries. And many believe this is just the tip of the iceberg as more is discovered and revealed about the SolarWinds supply chain attack.
Let there be no mistake; SolarWinds and its customers are victims of this attack. But the current climate of almost unlimited cyber warfare is the true root problem here, and it should serve as a wake-up call across digital and physical realms.
Defining the SolarWinds Cyber-attack: A Supply Chain APT
But before getting into the details of the SolarWinds Orion attack, a contextual review illuminates the nature and extent of this massive hack.
TechTarget defines an advanced persistent threat (APT) as “a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period of time.”
APT attacks usually require significant effort and resources and are, therefore, typically carried out by a nation-state or state-sponsored organization. Thus, APT groups are generally named and numbered, with the number being sequential based on the order of discovery and the name hinting at the country of origin. For example, “bear” denotes Russian-originating APT groups, while “dragon” indicates Chinese origin.
Nation-state-backed groups, possessing significant monetary and technical resources, may maintain a presence on a compromised network for years before using it for malice. In 2018, “an extended period” equated to a mean time of (Read more...)
*** This is a Security Bloggers Network syndicated blog from The Mission Secure Blog authored by Paul D. Robertson, Weston Hecker. Read the original post at: https://www.missionsecure.com/blog/cyber-attack-briefing-the-solarwinds-compromise-is-a-wake-up-call