Please see below for comments from cybersecurity experts on the new strain of malware, Raindrop, found in relation to SolarWinds:
Expert Comments
So we are now getting into the semantics of minutia of how different malware worked so they can be named and detected with a signature. This is all great after the fact once we already know the attack occurred, but it did not help when it mattered most.
While the malware strains might slightly vary, and I’m sure more will be exposed, the fact is the behaviours related to the malware have been consistent – network reconnaissance for user accounts and passwords (primarily AD) followed by
The significance is there is incredible diversity in tools and tactics the attackers will use to create a beachhead. We believe that organizations, in addition to investigation/remediation activities, need to start operating and planning as if beachheads are inevitable and focus more on detecting and preventing the attacker activities after the beachhead has been established. It's way too easy for attackers to harvest credentials, move laterally, and escalate privileges once they're inside. Developing, and investing in, an Active Defense strategy to preemptively clean up credential and pathway information, reduces the attack surface and forces detections by transforming endpoints into a network of deceptions, necessary to create an environment that is hostile to attacker activities once they've established a beachhead.
@Jeff Barker, VP Product Marketing, provides expert commentary for "dot your expert comments" at @Information Security Buzz.