FireEye, SolarWinds Breaches: Implications and Protections

/in


Five days after FireEye detailed the theft of about 300 of its proprietary cybersecurity tools, SolarWinds announced that its Orion IT monitoring platform had also been compromised by hackers believed to be sponsored by the Russian government. Together, the attacks turned over critical cybersecurity infrastructure to the malicious actors, along with access to thousands of global entities’ sensitive information. As the cybersecurity world wraps its head around how two top vendors were breached, we examine the organizations involved, details of the attack, and implications for the industry and its customers.

The players

While FireEye and SolarWinds are familiar to IT professionals, this week’s news brought their brands to the dinner table. Before jumping into the attacks and implications, here is a quick look at the two key organizations getting the most attention.

FireEye

Since 2004, FireEye has made a name for itself by offering next-generation threat protection and specializing in detection, prevention, and cyberattack analysis. In 2015, Deloitte called the vendor the fastest-growing cybersecurity firm, and today it stands out as a leading identifier of global threats and actors. Earlier this year, Reuters reported on FireEye’s research into APT41, a Chinese-linked cyberespionage actor. FireEye’s security services are used by government agencies and top public and private companies internationally.

SolarWinds

SolarWinds, operating out of Austin, Texas, since 2005, offers a suite of IT products from network, systems, and database management to managed security services. In April, Gartner recognized SolarWinds in its Magic Quadrant for Application Performance Monitoring (APM). As evidence of its reputation, SolarWinds global customers include about 80 percent of the Fortune 500 companies, all five branches of the U.S. military, and a swath of high-level government agencies.

Also read: Top Endpoint Detection and Response (EDR) Security Solutions

The attacks

Earlier this month, the U.S. National Security Agency warned that federal agencies were actively being exploited by “Russian state-sponsored actors.” A week later, FireEye’s prized Red Team hacking tools were…

Source…