Is the attack on Fujitsu’s ProjectWEB SaaS platform the next big supply chain attack?
Friday, May 28, 2021
While still early, some researchers view the reported hacking into Fujitsu’s ProjectWEB software-as-a-service (SaaS) platform as as a nation-state attack not unlike the one that targeted the SolarWinds supply chain.
Ilia Kolochenko, founder of ImmuniWeb, and a member of the Europol Data Protection Experts Network, agreed that the Fujitsu incident resembles the SolarWinds hack in the U.S. He added that this recent attack may have similar consequences, including enhanced cybersecurity regulations, comprehensive due diligence of governmental contractors similar to the Defense Department’s Cybersecurity Maturity Model Certification in the U.S., and likely additional funding for national cybersecurity in Japan.
“Surging supply chain attacks of national amplitude and multi-billion losses will probably trigger similar consequences around the globe,” Kolochenko said. “Spending more does not mean spending wiser. Legislators and regulators should consider a consistent, holistic, multistakeholder, and long-term cybersecurity strategy as a key factor for regulated organizations to prevent cyberattacks and reduce data breaches. Ad hoc or unstructured approaches do not work anymore.” Read Full Article
GovInfoSecurity: Belgium Investigating Attack on Interior Ministry Network
teiss: Chinese hackers infiltrated Belgian government network via Microsoft Exchange exploit