EXECUTIVE SUMMARY:

Has the SolarWinds breach changed how you think about security?

It’s sparked major mindset and structural changes across many industries and organizations. As we learn more about the full scale of the SolarWinds supply chain attack, we can implement more impactful and highly targeted cyber security mitigation strategies, safeguards and system-wide solutions.

The SolarWinds’ supply chain attack may have spread further than originally perceived. Experts initially recognized that the attack had damaged 100 networks. Due to ongoing investigations, that number has more than doubled, climbing to 250.

What business leaders must know about the SolarWinds risk

1. The Cybersecurity and Infrastructure Security Agency states that APT actors may be able to use victims’ networks “to create new accounts, evade common means of detection, obtain sensitive data, move across a network unnoticed and establish additional persistence mechanisms.”
2. Business leadership should consider requesting for IT teams to rebuild all network assets that were connected to SolarWinds Orion. CISA anticipates that this will be a “resource-intensive, highly complex, and lengthy undertaking.”
3. For US federal agencies, the only way out of the SolarWinds debacle may be to “shut systems down and start anew,” writes the New York Times.  Otherwise, the cyber adversaries perpetuating the attack may be able to haunt and subvert systems indefinitely.
4. The SolarWinds hack could affect cloud services’ API keys and IAM identities. Organizations may want to deploy counter measures to mitigate potential issues. Nonetheless, initiating counter measures may present challenges due to formidable technical obstacles.
5. Organizations may want to investigate whether or not their managed service providers (MSPs) were affected by the attack. If you rely on an MSP, getting updated info from your MSP can help you sidestep a domino effect.

For more business insights related to the SolarWinds breach, check out CISA’s PDF titled What Every Business Leader Needs to Know. For past  coverage of the SolarWinds breach on Cyber Talk, click here.