Thursday 24 December 2020

Lack Of Monitoring In SolarWinds Hack Is ‘Scary’

Most companies talk a good game about how much monitoring and auditing they do for cyberattacks--but flagrant incidents such as the SolarWinds breach and subsequent spread of malware to thousands of customers suggest many companies still have a lot of work to do.

That’s the message from Dave Mahoney, enterprise services architect at Blue Bell, Pa.-based Anexinet, No. 212 on CRN’s Solution Provider 500. Mahoney spoke with CRN as the fallout from the SolarWinds hack continued to grow and Microsoft disclosed that a second group may have also breached SolarWinds Orion, separately from the suspected Russian hackers behind the initial breach of the network monitoring platform.

Mahoney pointed out that hackers not only successfully inserted malicious code into SolarWinds software, but were then able to have the malware “phone home” to their command-and-control server. As a result, the hackers gained even greater access to take further actions within the system. “How were you not monitoring network traffic that is calling out to an unknown destination?” Mahoney said. “What are you doing if you are not monitoring your network in an automated fashion?”
