Non-Tech Speak Series

SolarWinds Breach

Applied Integration Owner, Don Cockayne, talks about the security breach of the US Government in December 2020.





Hi There,


                I would imagine that many of you have heard of the recent SolarWinds cyber incident that has been all over the news these past few days.  I just wanted to take a minute or two to break some of this down for you.


                Basically, what happened is that a suite of tools that the company FireEye used to probe companies as part of legitimate intrusion testing activities was essentially stolen from that company.  The tools were then successfully inserted into some of the tools that SolarWinds has created for network monitoring.  The SolarWinds network monitoring tools are used a lot in Government agencies and by many large companies.  The injection of these tools appears to have given the bad actors pretty extensive access to the networks that were using the SolarWinds tools.


                The consensus in the security community after examining the details of all this is that this is the work of state-sponsored actors from Russia.


                Now, where are we today?  Well, the good news is that everyone now knows that this breach took place, and as is typical in these situations, immediate measures were taken to secure and update the affected software tools.


                As far as Applied Integration goes, we do not use ANY tools from SolarWinds.  We have also received notification from the vendors we use that they have put the proper measures into firewalls and A/V software and systems that we do use, so that any new attacks or attempted breaches related to these stolen tools will be identified and blocked.


                So while this is a big one, and was a breach that really rocked the security community because of the sheer size and scope of the activity, it appears to have been pretty swiftly recognized and reacted to.  But as always, this should serve as a continual reminder that there is a large community of bad actors out there who spend their time constantly probing and adapting, trying to find new ways to cause trouble.  The more we can be aware and cautious as the users of technology, the less chance we have of becoming victims of this type of thing.


We will continue to stay tapped into the security news sources we use as this episode winds down and if anything new or noteworthy comes along, I’ll be sure to share it with you.