
FireEye and SolarWinds Attacked – What it Means for You

Earlier this month FireEye, one of the most well-respected cybersecurity firms in the world, was successfully hacked. The perpetrators accessed FireEye’s Red Team weaponry resources—a set of scripts, tools, scanners, and techniques used to demonstrate the offensive capabilities of adversarial attackers.

Additionally, this week, a supply chain attack on SolarWinds Orion business software updates was discovered. SolarWinds’ updates have been trojanized to distribute malware known as SUNBURST. This attack has already affected public and private organizations around the world.

What Is the Impact of the FireEye Attack?

FireEye has been the darling of cybersecurity for many years. It has some of the best security leaders in the industry, including ex-military minds. Its client roster includes government agencies, and it was therefore a high-profile target. However, this occurrence shows us that anyone can be successfully breached.

The impact is significant and should not be underestimated. Attackers could now have nation-state-level cyber weaponry in their arsenal. Private companies are now going to be fighting against weapons of war. There is no better time to be focused on security.

What Should Be Done about SolarWinds?

We recommend shutting it off immediately based on current guidance from the Cybersecurity & Infrastructure Security Agency.

How Can You Protect Your Organization?

The attack highlights the fact that cybersecurity is one of the most complex problems in IT today. It’s among the ranks of Artificial General Intelligence because we’re dealing with human adversaries exploiting the human weaknesses in our environments. Every piece of technology could be configured perfectly, and you can still be compromised.

Organizations must take cybersecurity seriously. Heed the words of the great American cryptographer Bruce Schneier, “Security is a process not a product.” Process adherence builds a strong security program for organizations that goes beyond simply relying on a specified set of tools.

To start a conversation about how to protect your organization from cyberattacks, contact us.
