SolarWinds cyberattack, the Sunburst malware – A fallout that might last for years

Cyber attacks have been rising steadily over the last few years, and with time and advanced technology at an attacker’s disposal, these attacks have become more sophisticated. With yearly reviews under way, the SolarWinds hack highlights a few significant corporate governance weaknesses: the pressing need for better IT controls and the limited technical expertise on board audit panels. Such loopholes are exactly what cyber criminals exploit.

In late December it was revealed that the sprawling cyber-espionage attack led by state-sponsored Russian hackers affected more than 250 US government agencies and privately owned businesses, starting as early as October 2019, yet went undetected for quite a long time. The SolarWinds hack, among its many targets, affected leading tech firms and top government agencies.

Unlike the infamous 2013 Target data breach, in which cyber-thieves stole vendor credentials to access confidential data, the SolarWinds hackers embedded malicious code in a trusted supplier’s software update. The approximately 18,000 customers that downloaded the code were potentially vulnerable to an attack. [Reference]

Source: Bleuwire

In the attack, the hackers gained access to government and private organizations by embedding manipulated code in recent versions of SolarWinds’ flagship software product, Orion. The malware is confirmed to have breached networks at prominent organisations including Cisco, Intel, Deloitte and the U.S. Departments of State, Treasury and Homeland Security. The alarming news surely leaves boards wondering aloud whether their companies’ technology infrastructure is truly secure. [Reference]

Microsoft has released some information about the attack in one of its blogs: Microsoft’s internal security research team has found evidence that the attackers accessed some internal source code in the company’s systems. The “Solorigate incident”, as Microsoft has termed it in the blog, showed there were “attempted activities beyond just the presence of malicious SolarWinds code in our environment.” Furthermore, the hackers were able to “view source code in a number of source code repositories,” but the hacked account granting the access didn’t have permission to modify any code or systems.

PwC’s 2020 Annual Corporate Directors’ Survey found that two-thirds of respondents agreed that a cyber breach would reflect poorly on their board. Yet only 37% said they knew their company’s crisis management plan “very” well. Even fewer (32%) said they deeply understand cybersecurity [Reference]. The cybersecurity process can’t be simplified into alternating offensive and defensive attacks. Much like chess aces, the IT governance champions across organisations will be the ones whose teams and directors join forces to design effective and efficient mitigation techniques to thwart such breaches.

Published by The Art of Cyber-Space

I am a security professional specializing in security operations, seasoned with incident management and digital forensics. With vivid experience in different industries, I am looking to explore the current cyberspace and discuss the ideology of the cybersecurity space, neuroscience and neurotechnology research from a security perspective. I love exploring various blog posts and sharing knowledge about the current threat landscape to instill more cybersecurity awareness.
