EXECUTIVE SUMMARY:

As many as 30% of the private sector and federal agencies affected by the SolarWinds attack have no direct connection to SolarWinds.

The cyber adversaries “gained access to their targets in a variety of ways,” says Brandon Wales, acting director of the Cybersecurity and Infrastructure Security Agency. “It is absolutely correct that this campaign should not be thought of as the SolarWinds campaign.”

Cyber forensics experts have discovered that the group of cyber adversaries involved in the SolarWinds breach also used other tactics to gain access into systems. These include:

  • Password spraying
  • Guessing passwords
  • Exploiting administrative credentials

A variety of theories currently abound regarding precisely how hackers worked their way into systems. These theories range from likely and plausible to the more remote.

What’s next?

“These attacks are going to continue to get more sophisticated. So we should expect that. This is not the first and not the last. This is an outlier. This is going to be the norm. This is why what we do is more important than ever,” said Vasu Jakkal, Microsoft’s corporate VP of security, compliance and identity.

One fear is that advanced attackers will leverage artificial intelligence to compromise organizations or industries. At the same time, artificial intelligence in cyber security may be able to counter new types of AI-based attacks.

The strategic plans to protect US systems from cyber attacks?

The private sector and public sector are coming together to address privacy and security concerns. The former director of the US National Counterintelligence and Security Center, William Evanina, stated that the US should pursue a zero-trust approach in curbing the supply chain risk. A major business issue is that certain kinds of software updates are exempt from routine cyber security protocols. Instead of trusting the vendor, new cyber security checks and balances will need to be put into play.

To see Cyber Talk’s past coverage of this topic, click here.