Where were you when you first heard about the SolarWinds breach? It’s not unusual for information security professionals to learn about a breach. Keeping track of the news is part of the job. The SolarWinds attack, however, was different for two primary reasons. First, it reached the level of mainstream news. The majority of breaches stay mostly in the industry press.
Cybercriminals are surprisingly lazy. Hackers are continuously cultivating their methods to achieve maximum impact with minimal effort. The adoption of a Ransomware-as-a-Service model is one example of such an achievement. But perhaps the apical point of cyberattack efficiency was achieved with the invention of the supply chain attack. A supply chain attack is a type of cyberattack where an organization is breached though vulnerabilities in its supply chain.
Honeytokens act like tripwires, alerting organizations of malicious threats lurking at the footsteps of their sensitive data. They're a very effective intrusion detection system. So effective, in fact, that the European Union Agency for Cybersecurity (ENISA) highly recommends their use in network security. If strategically distributed thought an ecosystem, honeytokens could event prevent supply chain attacks.
Software supply chain security concerns are more prevalent than ever. The U.S. Pentagon, Department of State, Department of Homeland Security, Microsoft, FireEye – this is just a partial list of the government agencies and companies hacked as a result of the attack on SolarWinds’ proprietary software – the Orion network monitoring program.
The recent SolarWinds breach highlights a new paradigm in the Software Supply Chain. When compared simply to the code itself without any additional tools, Proprietary Code is no more secure than Open Source. By contrast, many would argue that Open Source Code is more secure due to a faster fix/patch/update cycle and the pervasive access to source code (Clarke, Dorwin, and Nash, n.d.).
The SolarWinds supply chain attack against the US Government was the largest and most sophisticated breach in history. A post mortem operation is still underway and with every stage of its progression, cybersecurity experts become increasingly flabbergasted at the INNOVATIVE complexity of the techniques used. But despite nation-state's efforts to conceal their tactics, they left some highly-valuable clues about their methods that could be leveraged to sharpen supply chain attack defenses.
Supply chain attacks are on the rise, yet few businesses are equipped to face this threat. This could be due to a growing despondency towards cybersecurity in light of the SolarWinds attack. If the nation-state hackers were sophisticated enough to bypass highly-secure Government agency critical infrastructures, how could any organization prevent a supply chain attack? The answer is a change of mindset - don't assume a supply chain attack might occur, assume it will occur.
The SolarWinds supply chain attack has rocked the business world, stirring a whirlwind of supply chain security evaluations. The pernicious effects of the SolarWinds cyberattack (which is likely to take months to fully comprehend) reveals an uncomfortable truth causing stakeholders globally to reconsider their business model - vendors introduce a significant security risk to an organization.
