What many organizations feared came true! The year 2020 brought another shock to the business community last week with discovering a new cyber-attack, SolarWinds hack’ in the United States. The attack is an opportunity for enterprises and CISOs to reflect on their cyber resilience strategies. (See: Top enterprise cybersecurity trends of 2020)
For the unversed, California-based cybersecurity company FireEye uncovered the SolarWinds hack last week and estimated that the cyberattack campaign might have started as early as Spring 2020 and remained undetected for months.
The cyberattack emerged as one of the largest ever targeted against the U.S. Government and several other global companies, threatening organizations’ cyber resilience levels. To date, dozens of emails from the U.S. Treasury Department have been confirmed as compromised.
The attack was hurled by cybercriminals who hacked the infrastructure of an American I.T. Software company, SolarWinds, and then used illegitimate access to insert malicious code in the software updates that the company sends out to its 30,000 plus clients that also includes several departments of the U.S. Government. SolarWinds stated that the updates issued between March and June 2020 were contaminated.
Several industry onlookers have also slammed SolarWind’s lackluster approach to conquer its shortcomings. For instance, the Chief Information Security Officer’s (CISO) longstanding vacant position from its board and notifications issued to customers around deactivating antivirus tools before installing SolarWinds software.
While the timelines of the SolarWinds hack are still unfolding, the SolarWinds breach is disturbing to the whole of the I.T. industry as it can have a far-reaching effect on many big organizations’ networks, questioning their cyber resilience levels.
The SolarWinds breach reflects that most organizations are appallingly unqualified to detect and prevent such kinds of software supply chain attacks. SolarWinds boast that it has been working with 425 of the U.S. Fortune 500 companies and hundreds of universities and colleges globally. This means that the severity of the attack can be severe in the coming days.
Top tech companies, Intel, Microsoft, Cisco, and NVIDIA, have all confirmed their exposure to the malicious software and undertaking necessary investigations to gauge the impact.
In a column published in the New York Times, Thomas P. Bossert, a former domestic security adviser to President Trump, notes that supply chain attacks of such magnitude require significant resources and sometimes years of execution.
Bossart also opined that a foreign state might have launched SolarWinds hack in a well-orchestrated way. These evaluations, if proved correct, can be more hazardous. For instance, in war-like situations, confidential data of governments can be modified or erased by hackers instantly to cause financial loss or take undue strategic advantage.
Stresses lack of preparation of organizations
As we move into 2021, the Solar Winds hack event has once again reiterated nothing is completely secure in this ever-evolving threat landscape. Indeed, no vendor or solution can fully guarantee to protect the networks of an enterprise. Perfect information security is a myth, but the key is resilience. (See: How COVID-19 has changed cybersecurity focus for 2021)
The last few weeks must have been more strenuous for CIOs and CISOs who would need to spend long-hours evaluating the impact on their networks, systems, and data from the SolarWinds cyber-attack. It’s time for enterprises to seek responses to some of the key questions more vehemently:
- Do you have a contingency plan to combat accidental breaches and unknown threats?
- Do you depend upon a single security vendor (say, for VPN, network monitoring, and network slicing) or want to onboard different security vendors to safeguard our networks?
- Can you change our defense approach to strengthen our cyber resilience levels?
- Are you regularly testing our multiple endpoints and operating systems and keeping them secure?
- Have you evaluated the risks of third-party software vendors and analyzed their ability to combat sophisticated threats?
- Is your service-level-agreement updated?
The SolarWinds hack event could be a catalyst for technology leaders to rethink and analyze all their security solutions and potential gates of network vulnerabilities in the context of modern-day technologies. There might be many undisclosed portions, and more details around the impairment from the breach is likely to continue to come out in the next few weeks.