BACKGROUND:
The SolarWinds CEO has announced that the company's infamous hack may have happened months earlier than thought.
Sudhakar Ramakrishna suggested that the hackers who penetrated 10 U.S. government agencies and scores of companies may have been inside his company’s network as early as January 2019.
Eric Milam, VP of Research and Intelligence at BlackBerry, shares his view: this is not a shock! Many threat actors lie low for months before activation. This means organisations must deploy tools to catch breaches even once they have happened.
It’s not a shock to hear that the breach occurred earlier than anticipated, as the average time for a breach to come to realisation is around six months. In this case, it was a motivated threat actor with skills to stay under the radar longer. The main focus here is how vital it is to secure your environment – not just for your own benefit but that of the supply chain and downstream customers as well – and putting in the right checks and balances to identify any anomalies along the chain. If you’ve built a secure internal infrastructure, gaining access to other critical resources is obviously prevented. With a breach at this scale, there should be steps put into place between identifying an anomaly at the initial access point versus detecting activity across other systems throughout the supply chain. While it can be difficult to combat a breach at point of access, it is critical to catch the breach once it happens.