SolarWinds attack damage will be 'far worse than we think'
Tuesday, December 15, 2020
FireEye has already updated its products to detect all known altered SolarWinds binaries, and is scanning for any traces of activity by this actor and reaching out to both customers and non-customers if it sees potential indicators.
Quick and inexpensive access
Ekaterina Khrustaleva, COO of ImmuniWeb, says supply chain attacks have surged this year, as these attacks offer rapid and inexpensive access to valuable data held by high-profile targets.
“The victims, like what has happened in the SolarWinds case, usually have no technical means to detect intrusion in a timely manner unless the breached supplier informs them,” she says.
Many third-party suppliers simply don’t have the budgets for the same level of incident detection and response as their enterprise clients. Hackers and nation-state threat actors deliberately target the weakest link to get rapid results and remain undetected.
Attribution of sophisticated APT attacks, such as this one remain a highly complicated, time-consuming and costly task, she says. “Global cooperation in cyber crime prosecution is vital to break the impasse and make computer crime investigable.” Read Full Article
SiliconANGLE: Russian group reportedly hacks US Commerce and Treasury departments
CPO Magazine: Brazil’s Health Ministry’s Website Data Leak Exposed 243 Million Medical Records for More Than 6 Months