Where were you when you first heard about the SolarWinds breach? It’s not unusual for information security professionals to learn about a breach. Keeping track of the news is part of the job. The SolarWinds attack, however, was different for two primary reasons. 

First, it reached the level of mainstream news. The majority of breaches stay mostly in the industry press. Only a few break into the now-mislabeled ‘evening news.’ Prior to this event, the average person would never have heard of SolarWinds. Why would they? SolarWinds’ products were the purview of system administrators and engineers. They were nuts and bolts, not buildings.

The fact that these products were so prevalent in so many corporations is what ultimately made the attack so newsworthy. While the average person was unaware of SolarWinds, most of their activities on any network were subject to the various tools produced by the SolarWinds corporation. In fact, the platform on which you are reading this probably has at least one SolarWinds product in its environment. This attack had a very broad impact.

An attack on the supply chain

The second reason that this incident was so significant is that it was a supply chain attack, which creates a challenge for just about every industry sector. No organization functions without a supply chain, and a successful attack against any supplier, whether “upstream” or “downstream,” threatens every other link in that chain. Many people think of the supply chain as trucks moving products or hardware manufacturers, but the chain spreads across a much larger spectrum. Software is part of a supply chain, and that is exactly what was exploited in this now infamous compromise.

Of course, there are many supply chain attacks that do not appear on the evening news. All organizations need to ...