that the hack started with "an intrusion through malicious code in the SolarWinds Orion product. This results in the attacker gaining a foothold in the network, which the attacker can use to gain elevated credentials," in other words, once in an organization's system, the attackers can gain entry to more critical areas because the system believes the activity is part of the software update.
"It is extra insidious," says Downs. "I was shocked to see the intruders managed to bypass two-factor authentication," he says, noting a researcher's observation that the malware went around the security check that requires a user to enter check in with their phone while logging in. Down also was impressed that the attack used steganography, the highly skilled hiding of code in images and other files.
"While security professionals and other experts have attributed the attack to an outside nation-state, we have not independently verified the identity of the attacker," SolarWindsThis narrows the field considerably, and many in the industry agree that only the Russians could have managed such a widespread, well-planned, and stealthy attack. "CISA will never come right out and say it was the Russians," says Bort.
"The was definitely nation-state espionage. We do it, too. This just bled over so badly to the private sector," says Mike Hamilton, former chief information security officer of the City of Seattle, who advised the Department of Homeland Security in that role. "I would not recommend escalating this," says Downs. "The best intelligence operations are the ones you never know about."
wow
South Africa South Africa Latest News, South Africa South Africa Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Coronavirus variants FAQ: infectiousness, mutations, vaccine efficacy - Business InsiderBusiness Insider tells the global tech, finance, markets, media, healthcare, and strategy stories you want to know.
Source: BusinessInsider - 🏆 729. / 51 Read more »