January 18, 2021

Questions about SolarWinds

I was researching the SolarWinds hack and trying to see if there are any lessons to be learned, etc.

From reading the FireEye report, it seems the attackers’ methods were quite sophisticated and as a result the attack went undetected for several months.

What I haven’t been able to find is how SolarWinds themselves were breached. I don’t know if they themselves don’t know/haven’t disclosed it or if I just haven’t looked hard enough; I apologise if it’s the latter.

I was also wondering what could have been done to prevent this, both by SolarWinds themselves and by the companies affected, either to mitigate damages or to detect the hack.

If anyone has any thoughts/insights they’re willing to share, please do.

Comments

d4vinder

Most definitely state sponsored imho

limpinghiker

Better change management practices. Auditing network traffic. Auditing files available to customers.

All things they claim they are doing now.
