Things are slowing down out there for the Christmas holiday.
The SolarWinds Supply Chain Attack
The full scope of this is still unknown. This is not contained. This is not just standard espionage. If it isn’t an act of war, it certainly looks like a prelude to, well, something.
SolarWinds recap: All of the federal agencies caught up in the Orion breach
“The breach was first reported Dec. 13. And since then, the list of confirmed and potential victims within the federal government continues to grow.”
Department of Defense, Department of Homeland Security, State Department, Department of Commerce, Department of Energy, Department of the Treasury, National Institutes of Health
Big tech companies including Intel, Nvidia, and Cisco were all infected during the SolarWinds hack
“Last week, news broke that IT management company SolarWinds had been hacked, possibly by the Russian government, and the US Treasury, Commerce, State, Energy, and Homeland Security departments have been affected — two of which may have had emails stolen as a result of the hack. Other government agencies and many companies are investigating due to SolarWinds’ extensive client list.”
The sheer scale of the SolarWinds attack is sparking big changes to a $134.6 billion cybersecurity industry that already had to transform itself in 2020 (Paywalled)
“In the new world, CISOs have to assume that a breach is always present in the network”
The SolarWinds hack, and the danger of arrogance
“The SolarWinds hack exposed not only vulnerabilities within public and private sector networks, but also the dangers of arrogance. And make no mistake, the U.S. – public and private sector alike, across many sectors – has long suffered from a heavy dose of arrogance… In this latest attack, we’ve been caught flatfooted… America, we’ve been humbled. What matters most, however, is what we do now.”
VMware Flaw a Vector in SolarWinds Breach?
“On Dec. 7, 2020, the NSA said ‘Russian state-sponsored malicious cyber actors are exploiting a vulnerability in VMware Access and VMware Identity Manager products, allowing the actors access to protected data and abusing federated authentication.’”
Brian Krebs has several other interesting posts on this: https://krebsonsecurity.com/
SolarWinds and Supply Chain Attacks: Could it happen to WordPress?
Nice, quick breakdown here.