Home/News/Solargate: A Global Trojan Horse in the Supply Train
Full original news can be read here >. Fair Use excerpt snippets below focus editor/member commentary and do not infringe on source Copyright.

This May Be the Hack of All Hacks: Cybersecurity Trends

Author: Doug Austin – eDiscovery Today

…This Orion may have led a galaxy’s worth of organization hacks – more than 425 of the Fortune 500 list of top companies; all of the top 10 telecommunications companies; all five branches of the military; and all of the top five accounting firms as part of 300,000 global customers potentially impacted, which also include UK government agencies and private sector companies…
…Does this latest hack change the way you think about how your organization handles its data?...

Open Source Link >

Editor Comment:

Good summary and perspective by Doug. First a bit of context and techno translation. The Orion Platform is SolarWinds’ primary systems management bundle for on-premise and hybrid environments. SolarWinds’ products cover the breadth of IT management. That means the hacked version of Orion gave the hackers potential access to servers, applications, databases, storage and more. I have struggled to keep up with the new development pace from MSFT, Relativity, Google, Veritas and most tech market leaders. We all got used to annual or bi-annual major release cycles. Now I see major feature release and hot fix notices daily. IT admins used to own their data systems and apply upgrades/patches in their test environment prior to production upgrades. These were major projects that involved months of preparation. As big enterprise has migrated to the Cloud, IT now manages a much smaller portion of their applications, systems, security and infrastructure. At the same time, we are witnessing the rise of incredibly sophisticated attacks by organized criminal syndicates and nation states on multiple fronts. Preliminary information indicates that the malicious code was manually inserted via the SolarWinds development supply chain. This bypassed all the usual firewall and trust systems as installed corrupted hotfixes as early as spring 2020. Breach remediation is an expensive, ugly process that can impact stock prices and customer/partner/employee trust. Not being a security guru, I support clients with the aftermath. Organized, categorized smart data is easier to monitor, protect and remediate. I hope that Solargate encourages organizations of all sizes to invest in the technology and teams to categorize and manage their unstructured data.

0 0 vote
Article Rating