FORWARD GC

Share this post
🌬️ So, what happened with the SolarWinds hack?
newsletter.lawtrades.com

🌬️ So, what happened with the SolarWinds hack?

Raad Ahmed
Dec 23, 2020
Comment
Share

Last week, we learned IT management company SolarWinds was hacked, likely by Russia, affecting them and some well-known clients. Among the thousands of infected companies who used SolarWinds’s compromised network monitoring software are Nvidia, Belkin, Cisco and Intel. 

SecurityScorecard, the leading rater of corporate cybersecurity safety and a customer of Lawtrades, analyzed the hack. They came out with several interesting discoveries, as well as some important lessons.  

How the hack happened

The perpetrators modified SolarWinds’s software package known as hotfix and posted the infected package on SolarWinds’s update site. SolarWinds’s clients then downloaded the updated, infected software.    

SecurityScorecard had some exclusive findings

  • SolarWinds was hacked as early as October 2019. This was five months earlier than originally reported.

  • SolarWinds was still delivering infected components as of Dec. 18.

A lesson to remember

SecurityScorecard emphasized supply chain safety: “Companies everywhere should continuously monitor the digital assets associated with their supply chains to identify vulnerabilities, attack vectors, and other exploitable conditions that can lead to incidents such as data breaches, ransomware, or other cyber attacks.”

We’ll add this, too: You always need to have airtight policies set with your third party vendors.

Read the full post on SecurityScorecard’s blog for more info. 

CommentComment
ShareShare

Create your profile

0 subscriptions will be displayed on your profile (edit)

Skip for now

Only paid subscribers can comment on this post

Already a paid subscriber? Sign in

Check your email

For your security, we need to re-authenticate you.

Click the link we sent to , or click here to sign in.

TopNewCommunity

No posts

Ready for more?

© 2022 Lawtrades
Privacy ∙ Terms ∙ Collection notice
Publish on Substack Get the app
Substack is the home for great writing