BACKGROUND:
The Solar Winds CEO has announced that its infamous hack may have happened months earlier than thought.
Sudhakar Ramakrishna suggested that hackers that penetrated 10 U.S. government agencies and scores of companies may have been inside his company’s network as early as January 2019.
Eric Milam, VP of Research and Intelligence, BlackBerry shares his view: this is not a shock! Many threat actors lie low for months before activation. This means organisations must be deploying tools to catch breaches even once they have happened.
Experts Comments
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.
Be part of our growing Information Security Expert Community (1000+), please register here.
It’s not a shock to hear that the breach occurred earlier than anticipated, as the average time for a breach to come to realisation is around six months. In this case, it was a motivated threat actor with skills to stay under the radar longer. The main focus here is how vital it is to secure your environment - not just for your own benefit but that of the supply chain and downstream customers as well – and putting in the right checks and balances to identify any anomalies along the chain.
.....Read MoreIt’s not a shock to hear that the breach occurred earlier than anticipated, as the average time for a breach to come to realisation is around six months. In this case, it was a motivated threat actor with skills to stay under the radar longer. The main focus here is how vital it is to secure your environment - not just for your own benefit but that of the supply chain and downstream customers as well – and putting in the right checks and balances to identify any anomalies along the chain. If you’ve built a secure internal infrastructure, gaining access to other critical resources is obviously prevented. With a breach at this scale, there should be steps put into place between identifying an anomaly at the initial access point versus detecting activity across other systems throughout the supply chain. While it can be difficult to combat a breach at point of access, it is critical to catch the breach once it happens.
Read LessLinkedin Message
@Eric Milam, VP of Research and Intelligence, provides expert commentary at @Information Security Buzz.
"The main focus here is how vital it is to secure your environment...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/solarwinds-hack-happened-months-earlier-than-thought
Facebook Message
@Eric Milam, VP of Research and Intelligence, provides expert commentary at @Information Security Buzz.
"The main focus here is how vital it is to secure your environment...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/solarwinds-hack-happened-months-earlier-than-thought