The SolarWinds Sunburst attack has been in the headlines since it was first discovered in December 2020.
As the so-called layers of the onion are peeled back, additional information about how the vulnerability was exploited, who was behind the attack, who is to blame for it, and the long-term ramifications of this kind of supply chain vulnerability continues to be actively discussed.
Cybersecurity firm Cynet is taking a needed step back to provide a full picture of the SolarWinds attack from start to finish in an upcoming webinar, “Lessons Learned from the SolarWinds SUNBURST Attack.”
Information about many aspects of the attack has been coming out in pieces, but we have not yet seen such a comprehensive overview of the technical steps behind the full attack, along with clear recommendations for protecting against similar future attacks.
And that is exactly what’s needed so security professionals can gain insight into the attack tactics, technologies, and processes and apply the appropriate strategic defense measures to avoid becoming a victim of targeted supply chain attacks.
Evil, But Spectacular
From their first stealthy access to the SolarWinds environment in September 2019, the hackers brilliantly staged and carried out an attack that ultimately led to the compromise of systems in over 40 government agencies, including the National Nuclear Security Administration (NNSA), the US agency responsible for nuclear weapons. Targets in other countries, including Canada, Belgium, Britain, and Israel, were also hit.
The Cynet webinar unpacks the attack to explain the build process used by the attackers and then highlights the capabilities of the Sunburst, Teardrop, and Raindrop malware used in the attack.
Then, Cynet reviews the clever “kill switch” capabilities built into the backdoor to help ensure that it could not be discovered by security analysts.
Additionally, the webinar discusses the many new vulnerabilities that were uncovered in SolarWinds’ software and their ramifications.
A Look Ahead
With a full understanding of how the attack was carried out, we can then determine whether we’re likely to see these types of supply chain attacks proliferate and whether nation-states are already targeting key suppliers.
Unfortunately, in a field where success begets success, it is all too certain that similar attack approaches are actively underway somewhere. Cynet also shares its perspective on this topic during the webinar.
Given that most companies rely on third-party suppliers for much of their core software, what should they do to protect themselves? Especially given that these companies have little choice but to continue using third-party software that could potentially be weaponized, despite the best efforts of the third-party suppliers to protect themselves.
Cynet provides guidance on defense measures that should be applied to ensure you’re not a victim of a supply chain attack even though you have no visibility into or control over your supplier’s security. It is important that companies come to realize that these trusted third-party relationships can be, and have been, compromised. And action must be taken now.