SolarWinds hack: Amid hardened security, attackers seek softer targets
Posted January 6, 2021
- Reported theories by SolarWinds hack investigators that federal agencies and private companies were too busy focusing on election security to recognize vulnerabilities tied to the software supply chain are unfair and misleading, say cybersecurity experts who used to work in government.
- “This is an ‘apples and oranges’ comparison,” added Rosa Smothers, senior vice president of cyber operations at security awareness company KnowBe4, and a former CIA technical intelligence officer. “The role of managing an IT network is an entirely different role than monitoring our adversaries’ offensive cyber operations. In other words, those charged with monitoring Russia’s ops aren’t the same people implementing SolarWinds products on government networks.”
- John Caruthers similarly objected to the accusation. “Since 2016, the U.S. intelligence community has established election task forces, staffed with dedicated personnel, across the country to specifically address and investigate election fraud,” he said. “All the while, teams of investigators and analysts have continued working their respective threats, to include those emanating from Russia and other nation states. I can’t speak on behalf of our private-sector partners but, based on experience, can confidently assume they were and are working diligently to identify threats from all sources.”
- “There are a range of potential adversaries working against admins – nation states, hackers, criminal competitors – all with varying degrees of skill,” said Caruthers, business information security officer at Evotek and a former supervisory special agent at the FBI. “Without addressing all components, the bad guys will find your network’s Achilles heel.”
– Bradley Barth | January 6, 2021