A Year After SolarWinds, Supply Chain Threats Still Loom

A year ago today, the security firm FireEye made an announcement that was as surprising as it was alarming. Sophisticated hackers had silently slipped into the company’s network, carefully tailoring their attack to evade the company’s defenses. It was a thread that would unspool into what is now known as the SolarWinds hack, a Russian espionage campaign that resulted in the compromise of countless victims.

To say the SolarWinds attack was a wake-up call would be an understatement. It laid bare how extensive the fallout can be from so-called supply chain attacks, in which attackers compromise widely used software at the source, in turn giving them the ability to infect anyone who uses it. In this case, it meant that Russian intelligence had potential access to as many as 18,000 SolarWinds customers. They ultimately broke into fewer than 100 choice networks—including those of Fortune 500 companies like Microsoft, as well as the US Justice Department, State Department, and NASA.

Supply chain attacks aren’t new. But the magnitude of the SolarWinds crisis significantly raised awareness, sparking a year of frantic investment in security improvements across the tech industry and US government.

“If I don’t get a call on December 12, I’ll consider that a success,” says SolarWinds president and CEO Sudhakar Ramakrishna. On that date a year ago, SolarWinds itself learned that Orion, its IT management tool, was the source of the FireEye intrusion—and what would ultimately become dozens more. Ramakrishna did not yet work at SolarWinds, but he was slated to join on January 4, 2021. 

While this week marks the one-year anniversary of cascading discoveries around the SolarWinds hack, the incident actually dates back as early as March 2020. Russia’s APT 29 hackers—also known as Cozy Bear, UNC2452, and Nobelium—spent months laying the groundwork. But that very dissonance illustrates the nature of software supply chain threats. The hardest part of the job is upfront. If the staging phase is successful, attackers can flip a switch and gain access to many victim networks at once, all through trusted software that seems legitimate.

Across the security industry, practitioners universally told WIRED that the SolarWinds hack—also called the Sunburst hack, after the backdoor malware distributed through Orion—has meaningfully expanded understanding about the need for transparency and insight into the provenance and integrity of software. There had certainly been other impactful software supply chain attacks before December 2020, like the compromise of computer cleanup tool CCleaner and Russia’s infamous distribution of the destructive NotPetya malware through the Ukrainian accounting software MEDoc. But for the US government and tech industry, the new campaign hit especially close to home.

“It definitely was a turning point,” says Eric Brewer, Google’s vice president of Cloud Infrastructure. “Before I would explain to people that the industry has a challenge here, we need to deal with it. And I think there was some understanding, but it wasn’t very highly prioritized. Attacks people haven’t seen directly are just abstract. But post-SolarWinds that message resonated in a different way.”

That awareness has also begun to translate into action, including building out the software equivalent of ingredient lists and ways to better monitor code. But it’s slow work; the supply chain problem requires as many solutions as there are types of software development.
