17 Apr 2021

Cyber Retaliation Needs to Be Decisive, Swift, and Meaningful

On 15 April the Biden Administration formally attributed the Solar Winds attacks to Russia’s Foreign Intelligence Service, the SVR.  Soon thereafter they issued several directives implementing sanctions against Russia and some Russian related business leaders. The fall out from these actions is still underway and we will continue to track and assess how these matters could impact business and government strategies and decision-making. This post provides context important in assessing why any cyber retaliation needs to be both quick and meaningful.

Read More
16 Apr 2021

US Formally Attributes SolarWinds Attack to Russian Intelligence Agency

Russia’s Foreign Intelligence Service, SVR, has been officially blamed for the cyberattack on SolarWinds by the Biden administration. Sanctions against a number of IT security firms that helped enable the attack and other malicious cyber activities have been implemented. Positive Technologies and other smaller IT security firms were placed on

Read More
31 Mar 2021

As Their Ties Strengthen, Will Iran and Russia Coordinate Their Influence Campaigns?

Iran and Russia have a relationship that has wavered between strong mutual support and contention.  Currently, the two have drawn closer having the same strategic goal – offsetting U.S. influence in the Middle East.  Russia provides Iran with significant economic and military support. With sanctions applied against Iran by the United States and Europe, Tehran has forged closer economic ties with Moscow, highlighted by Iran’s joining a free trade agreement with the Eurasian Economic Union, of which Russia is prominent member. This post dives into what CEOs and other business leaders should know about this geopolitical dynamic.

Read More
30 Mar 2021

SolarWinds hack got emails of top DHS officials

New information has been released about the SolarWinds hack in which suspected Russian nationals gained access to US agencies’ systems, with the Department of Homeland Security conceding that the threat actors gained access to email accounts belonging to the head of the agency, Chad Wolf. Other department employees’ emails were

Read More
16 Mar 2021

The US must adopt Software Bill of Materials to thwart cyberattacks

Following the SolarWinds Russian espionage campaign against the US government, the White House addressed possible executive action on February 17 in response to the most systemic hack of the US government in history. However, experts have criticized the Software Bill of Material’s (SBOM) ability to prevent similar incidents, or worse,

Read More
08 Mar 2021

Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks

On Monday, Secureworks’ counter-threat unit declared that they had uncovered links between the SolarWinds attack and a Chinese APT group referred to as the Spiral threat group. According to the researchers, in late 2020 a compromised internet-facing SolarWinds server was used to deploy the .NET web shell Supernova. Further studies

Read More
01 Mar 2021

The SolarWinds Body Count Now Includes NASA and the FAA

According to new information about the SolarWinds Orion Russian espionage campaign that targeted both US organizations and federal agencies, the Federal Aviation Administration and NASA were both compromised as part of the operation. The suspected Russian state hackers compromised SolarWind’s Orion IT management tool in a supply chain attack that

Read More
26 Feb 2021

Microsoft Releases Free Tool for Hunting SolarWinds Malware

Microsoft has released a free tool designed to hunt SolarWinds malware following a devastating espionage campaign in which Russian state hackers compromised SolarWind’s Orion software in a supply-chain attack that affected major US organizations and federal agencies. Organizations who are still investigating whether they are victims of or still infected

Read More
25 Feb 2021

Solarwinds cybersecurity spending tops $3 million in Q4, sees $20 million to $25 million in 2021

Due to the recent Russian espionage breach against its Orion software, SolarWinds reportedly spent more than $3 million on cybersecurity costs in the fourth quarter of 2020 and predicts this number will rise to $25 million in 2021. The massive spending includes initiatives to further product defense, remediation for the

Read More
19 Feb 2021

Norway’s 11179 billion NOK wealth fund affected by the SolarWinds hack

According to a new announcement, Norway’s sovereign wealth fund was impacted by the SolarWinds Russian espionage campaign against US federal agencies and organizations. The Government Pension Fund has confirmed that countermeasures against the SolarWinds Orion software were not quickly adopted. The update was installed roughly five months before the bank

Read More