Tag Archive for: SolarWinds

SolarWinds was warned about potential cyber attack, cost-saving move to Europe may have exposed firm


A cybersecurity adviser says he warned SolarWinds of a potential ‘catastrophic’ attack if the company didn’t amp up internal security measures and the firm’s move to Eastern Europe may have exposed it to the massive Russian hack.    

In late December it was revealed that the sprawling cyber-espionage attack led by state-backed Russian hackers affected more than 250 federal agencies and private companies beginning as early as October 2019, but went undetected for months. 

In the breach, hackers gained access to government and private networks by inserting malicious code into recent versions of SolarWinds’ premier software product, Orion.

Ian Thornton-Trump, a former cybersecurity adviser at SolarWinds, said he urged management in 2017 to take a more aggressive approach with its internal security, warning that a cybersecurity episode would be ‘catastrophic’, according to a New York Times report published Saturday.

He said he gave a PowerPoint presentation to three SolarWinds executives urging them to install a cybersecurity senior director because he thought a major breach was inevitable, Bloomberg reported.   

When his recommendations were ignored, he left the company a month later. 

Staffers say the CEO of SolarWinds, which is based in Austin, Texas, cut security measures to save costs and the company moved several engineering offices to Eastern Europe.

But that move may have made the company vulnerable to the breach as some of the compromised SolarWinds software was engineered there and Russian intelligence operatives are deeply rooted in that region.


Past and current employees say SolarWinds had lackluster security measures in place. Chief Executive Kevin B. Thompson cut common security practices to save costs, and his approach almost tripled SolarWinds' annual profit margins to more than $453 million in 2019 from $152 million in 2010.


Source…

SolarWinds hackers accessed our source code



The threat actors behind the SolarWinds attack could breach internal Microsoft accounts to view the source code for Microsoft products.

Earlier this month, Microsoft confirmed that they detected malicious executables in their environment that were downloaded during the SolarWinds Orion platform supply chain attack.


In a blog post published today, Microsoft stated that they found no evidence that production services or customer data were breached, that forged SAML tokens were used against their domains, or that their systems were used to attack customers.

However, their investigations discovered that the attackers could compromise internal Microsoft accounts, with one being used to view the source code for their software. The attackers, though, did not have the required permissions to modify any source code or engineering systems.

“We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories. The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made. These accounts were investigated and remediated,” Microsoft stated in a blog post.

Microsoft further stated that they do not practice security through obscurity and do not consider the viewing of source code as a security risk.

Source…

SolarWinds Hack Opens Doors for Other Cybersecurity Stocks


The MarketWatch News Department was not involved in the creation of this content.

Dec 30, 2020 (Baystreet.ca via COMTEX) —
When FireEye (NASDAQ:FEYE) revealed it was a victim of a Russian hack, the stock slumped from around $16 to $14. And after SolarWinds (NYSE:SWI) posted the same news, the stock fell by more and failed to bounce back.

Investors seeking exposure to the cybersecurity sector should avoid FEYE at new highs. SWI stock looks like it is on sale, trading at a forward price-to-earnings ratio of around 15 times.

Since the extent of the damage from the hack is unknown, investors cannot quantify the liability that SolarWinds faces. The local, state, and federal levels of government are now exposed and will need to fix the security holes. SolarWinds issued a patch. Still, the government may seek other suppliers to mitigate ongoing risks.

Clients may switch to or rely more heavily on CrowdStrike (NASDAQ:CRWD).

Investors may continue bidding shares of CRWD higher. If government clients change the policy and stop the practice of storing any sensitive data on internet-connected devices, then stocks in the cyberspace sector may fall.

Your Takeaway

Watch the cybersecurity stocks for now. The long-term prospects are stronger than ever as cloud-based solutions proliferate.


Source…

‘Critical’ that Pompeo brief senators on SolarWinds hack at State Dept.


The top Democrat on the Senate Foreign Relations Committee is calling on Secretary of State Mike Pompeo to brief senators on the massive SolarWinds hack by suspected Russian hackers and its effect on the State Department.




“It is critical that the Senate Foreign Relations Committee receive a briefing on the extent of the security breach and the efforts that the Department is taking to mitigate its impacts and defend against future attacks,” Sen. Bob Menendez (N.J.) wrote to Pompeo in a letter Wednesday.

“Furthermore, it is essential that critical sectors within private industry and the American public more broadly understand the nature of the threat that our nation faces from the Kremlin, and their persistent exploitation of cyberspace, the Internet, and social media for their malign ends,” he added.

The State Department is one of several federal agencies breached by a cyberattack on third-party software developer SolarWinds that was revealed last week. Officials have called the hack, which is believed to have originated as far back as March, a “grave” risk to U.S. national security.

The State Department has yet to provide any specifics on the hack, and Menendez criticized Pompeo for his silence on the matter.

“While several other cabinet agencies that are victims of this cybersecurity breach have publicly acknowledged having been attacked, to date the Department of State has been silent on whether its computer, communication and information technology systems were compromised,” Menendez said in Wednesday’s letter.

A State Department spokesperson said the agency is working with the Cyber Unified Coordination Group (UCG), the administration’s coordinated effort between the FBI, Cybersecurity and Infrastructure Security Agency (CISA) and the Office of the Director for National Intelligence.

“We are working with the Cyber Unified Coordination Group (UCG) lead agencies and appropriate partners to determine the full scope and impact of these incidents,” the spokesperson said, and referred all other questions to UCG.

CISA did not immediately return a request for comment about…

Source…