January 4, 2021
SolarWinds attack: Cybersecurity experts share lessons learned and how to protect your business


Orville Bravo, January 4, 2021

by Moira Alexander in Security on January 29, 2021


The highly sophisticated SolarWinds attack was designed to circumvent threat detection—and it did, for much too long. Two cybersecurity experts share some valuable lessons learned from the attack.

The recent SolarWinds supply-chain attack went undetected for months. The earliest suspicious activity was detected in September 2019; by Dec. 12, stakeholders were notified, and a formal investigation by law enforcement, intelligence teams, and branches of the US government was launched. 

Following the attack, announcement, and investigation, many cybersecurity teams have likely been prompted to take a closer look at their internal security systems, applications, and infrastructure in general to reduce areas of vulnerability. The SolarWinds attack offers many lessons that can be learned, including these from two cybersecurity experts.  

Ori Arbel, CTO of Cyrebro, which makes an online SOC platform, said companies need to acknowledge and understand that no one is safe from cyber-attacks, not even the US government and security corporations. Arbel believes faster response can save companies millions. Even the most sophisticated attacks are executed with at least one off-the-shelf tool, such as a cobalt loader.

Third-party vendor evaluation is critical, he said. An organization's solid security posture won't help once a third-party vendor is attacked. Patch management can no longer count on the fact that the patch is from the vendor. We need to create patch security validation processes. Arbel shares these key security lessons that could have reduced vulnerabilities. 

  • Digitally signed software has failed us once again. New binaries should have been checked and verified, even once they are signed.
  • Auditing, monitoring cloud environments, and segregating app/service accounts as much as possible could have stopped the attack or helped to pinpoint it in real time.
  • The secure System Development Life Cycle (SDLC) process might have made it possible to catch the attackers in real time and prevent the damage.
  • The use of stronger passwords on code management platforms could have helped.

How can the SolarWinds attack help companies better prepare going forward?

To combat future attacks, said Eyal Wachsman, co-founder and CEO of security validation platform Cymulate, an attack like SolarWinds is an all-hands-on-deck event that requires every organization to prove it is safe. Much like WannaCry or NotPetya, the attack on SolarWinds should be assumed to be on a mass scale.

"Please don't assume that you are safe if you don't have a SolarWinds product; this is what supply chain attacks do, they move fast, and they move far," he said. Remove assumptions and validate your security.

As the adage goes, an ounce of prevention is worth a pound of cure; however, preventing future large-scale attacks like SolarWinds requires learning from past mistakes. Although these aren't the only lessons that can be learned, nor are they the only keys to addressing vulnerabilities—they offer some practical takeaways from two experienced cybersecurity experts who understand security risks and prevention.


SOURCE: Moira Alexander
VIA: techrepublic.com
MAIN IMAGE SOURCE: iStock/BalkansCat
