SolarWinds hack turning into Pandora’s box of cyber-risk
Posted February 2, 2021
- The massive data breach that compromised software vendor SolarWinds is far broader in scope than originally thought, federal investigators have found, with close to one-third of the victims not even running the SolarWinds Orion product that was initially considered the entry point for hackers.
- Hackers obtained initial access in some cases by guessing passwords and exploiting administrative credentials, including by gaining privileged access to Microsoft cloud software. “It is likely that the adversary has additional initial access vectors and TTPs that have not yet been discovered,” CISA said.
- Although CISA has provided guidance on open-source tools that are available to private- and public-sector companies to detect potentially malicious activity, the damage has been done. It is at this point that a cyber-attack—no matter how massive or small—becomes a compliance problem.
- Simple governance risk management measures that many companies still seem to struggle with:
  - Start with an internal evaluation.
  - Conduct a third-party evaluation.
  - Conduct an inherent risk assessment.
  - Perform due diligence from a network security and data privacy standpoint.
  - Conduct cyber-attack fire drills.
  - Put it in a contract.
– Jacelyn Jaeger | February 2, 2021