[BreachExchange] SolarWinds is the tip of the iceberg
Audrey McNeil
audrey at riskbasedsecurity.com
Mon Dec 21 20:30:33 EST 2020
https://www.helpnetsecurity.com/2020/12/21/solarwinds-cybersecurity/
The recent SolarWinds software supply chain breach is a clear indication
that strong OT cybersecurity is a must-have in today’s threat environment.
Waterfall’s technologies have long enabled integration between OT networks
and enterprise networks without the risk of any attack getting back into
the protected network. The time has come to deploy this class of
hardware-enforced protection universally on OT networks.
The SolarWinds breach shows only that the cyber threat environment
continues to worsen. The SUNBURST and SUPERNOVA malwares that were inserted
into SolarWinds Orion software updates are only the most recent examples of
software supply chain attacks. Previous attacks include NotPetya and Havex.
Both of these were malware inserted into legitimate software updates on
legitimate vendor websites and impacted many industrial enterprises.
The attack techniques and technology demonstrated in the SolarWinds breach
are only the latest to breach IT and OT networks that use only software
defenses. There is only so much that firewalls, anti-virus systems,
intrusion detection systems and the like can do for us. Our enemies have
long since figured this out and are defeating software defenses more
routinely in every passing week. Today’s ransomware groups for example, use
powerful tools and techniques that were used exclusively by nation states
only a couple of years ago.
Furthermore, SolarWinds Orion is only one of many widely used applications
that, if compromised, can be used to manipulate and impair large swaths of
industrial infrastructures. Ransomware groups and other adversaries will
not be long in mounting their own software supply chain attacks. They have
many vendor targets to choose from.
Again, the time has come for hardware-enforced protection for industrial &
OT networks. Power plants, pipelines, rail systems, our manufacturing
plants and many others are too important to leave to software alone.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20201221/9f603f11/attachment.html>
More information about the BreachExchange
mailing list