The recent breach of the SolarWinds Orion platform, in which a sophisticated team of hackers – perhaps affiliated with a nation-state – was able to insert malware into software updates that went out to thousands of companies, illustrates just how cyber-insecure we really are. That such an important tool, relied upon by hundreds of thousands of organizations for updates, network monitoring and other services could be so badly breached (the breach, according to experts, has been going on for months) has sent a chill up corporate America’s spine.
But the story here is different – what should really scare us is the lack of basic security that characterizes the vast majority of IT systems, whether in small organizations, multinational corporations or the government. As sophisticated as the attack was, the real damage came after the breach – through the malware the attackers were able to deliver to Orion clients.
An article by Yuval Elddad, VP of Customer Operations at CYE.