SolarWinds FAQ: Top federal cybersecurity experts explain the attacks - Business Insider

  • 📰 BusinessInsider
  • ⏱ Reading Time:
  • 65 sec. here
  • 3 min. at publisher
  • 📊 Quality Score:
  • News: 29%
  • Publisher: 51%

Belgique Nouvelles Nouvelles

Top federal cybersecurity experts explain why the SolarWinds cyberattack is such a big deal — and why it's too soon to declare cyberwar

that the hack started with "an intrusion through malicious code in the SolarWinds Orion product. This results in the attacker gaining a foothold in the network, which the attacker can use to gain elevated credentials," in other words, once in an organization's system, the attackers can gain entry to more critical areas because the system believes the activity is part of the software update.

"It is extra insidious," says Downs. "I was shocked to see the intruders managed to bypass two-factor authentication," he says, noting a researcher's observation that the malware went around the security check that requires a user to enter check in with their phone while logging in. Down also was impressed that the attack used steganography, the highly skilled hiding of code in images and other files.

"While security professionals and other experts have attributed the attack to an outside nation-state, we have not independently verified the identity of the attacker," SolarWindsThis narrows the field considerably, and many in the industry agree that only the Russians could have managed such a widespread, well-planned, and stealthy attack. "CISA will never come right out and say it was the Russians," says Bort.

"The was definitely nation-state espionage. We do it, too. This just bled over so badly to the private sector," says Mike Hamilton, former chief information security officer of the City of Seattle, who advised the Department of Homeland Security in that role. "I would not recommend escalating this," says Downs. "The best intelligence operations are the ones you never know about."

 

Merci pour votre commentaire. Votre commentaire sera publié après examen.

wow

Nous avons résumé cette actualité afin que vous puissiez la lire rapidement. Si l'actualité vous intéresse, vous pouvez lire le texte intégral ici. Lire la suite:

 /  🏆 729. in BE

Belgique Dernières Nouvelles, Belgique Actualités

Similar News:Vous pouvez également lire des articles d'actualité similaires à celui-ci que nous avons collectés auprès d'autres sources d'information.

Coronavirus variants FAQ: infectiousness, mutations, vaccine efficacy - Business InsiderBusiness Insider tells the global tech, finance, markets, media, healthcare, and strategy stories you want to know.
La source: BusinessInsider - 🏆 729. / 51 Lire la suite »