According to Statista, just over 300 billion emails are still being sent every day, and Microsoft has a dominant share of the market in serving them up. “Exchange, whether in the cloud or on-premise, is almost a monopoly in businesses,” says Art Schoeller of tech research firm Forrester. Rival services such as Google’s Gmail haven’t made significant inroads as of yet. That dominance is what makes Exchange such a tempting target for hackers.

Microsoft has said that the ongoing attack has only targeted instances of Exchange running on companies’ own servers; versions delivered via its computing cloud so far appear to have been unaffected. The software giant has issued a software “patch” to fix the security weaknesses and has urged companies to implement it as quickly as possible.

Microsoft believes the attacks, which it first started seeing in January, are the work of state-sponsored Chinese hackers in a group its security researchers have dubbed Hafnium. (The Chinese government has publicly denied any involvement.) However, the sheer number of incidents over the past few weeks has led security experts to conclude that other hacking groups have been exploiting the same vulnerabilities too. Many of their targets have been small and medium-sized businesses, but larger companies, government departments and regulatory organizations such as the EBA have also been in their sights. A widely held view is that any company with an on-premise Exchange server that’s configured to allow staff to access email over the internet should assume it has been targeted.

The assault on Microsoft Exchange comes not long after revelations that hackers had been able to compromise networking software from a supplier called SolarWinds. That hack, too, has caused huge problems for CIOs and their security teams at many thousands of companies. The breathtaking scale of both attacks has put the spotlight on the Biden administration, which has said it is working on “a whole of government” response to the hacking onslaught U.S. Microsoft and other companies offering email services will be watching closely to see what that response looks like.

One source of comfort for them is that email isn’t likely to be deleted permanently from companies’ communication tool sets anytime soon, in spite of hackers’ attentions. Thomas Randall, an analyst at Info-Tech Research Group, notes that while messaging services such as Slack and Teams are great for real-time communication, they have yet to best email when it comes to sharing information in a more asynchronous fashion. The global nature of email and its address system also means it trumps messaging platforms in terms of scale. The cockroach of the internet has a long life ahead of it yet.

Cybersecurity truisms have long been described in simple terms of trust: Beware email attachments from unfamiliar sources and don't hand over credentials to a fraudulent website. But increasingly, sophisticated hackers are undermining that basic sense of trust and raising a paranoia-inducing question: what if the legitimate hardware and software that makes up your network has been compromised at the source?

That insidious and increasingly common form of hacking is known as a "supply chain attack," a technique in which an adversary slips malicious code or even a malicious component into a trusted piece of software or hardware. By compromising a single supplier, spies or saboteurs can hijack its distribution systems to turn any application they sell, any software update they push out, even the physical equipment they ship to customers, into Trojan horses. With one well-placed intrusion, they can create a springboard to the networks of a supplier's customers, sometimes numbering hundreds or even thousands of victims.

"Supply chain attacks are scary because they're really hard to deal with, and because they make it clear you're trusting a whole ecology," says Nick Weaver, a security researcher at UC Berkeley's International Computer Science Institute. "You're trusting every vendor whose code is on your machine, and you're trusting every vendor's vendor."

The severity of the supply chain threat was demonstrated on a massive scale last December, when it was revealed that Russian hackers (later identified as working for the country's foreign intelligence service, known as the SVR) had hacked the software firm SolarWinds and planted malicious code in its IT management tool Orion, allowing access to as many as 18,000 networks that used that application around the world. The SVR used that foothold to burrow deep into the networks of at least nine US federal agencies, including NASA, the State Department, the Department of Defense, and the Department of Justice.

But as shocking as that spy operation was, SolarWinds wasn't unique.