SolarWinds Cyber Attack: February 24 Webinar Will Address Lessons Learned

Date February 22, 2021

The SolarWinds cyber-attack impacted the U.S. government and some of the largest companies in the world. Join HBK’s Bill Heaven, and cybersecurity law expert and best-selling author Joe Brunsman of Chesapeake Professional Liability Brokers, Inc., at noon this Wednesday, February 24, for a webinar on lessons we learned from the hack and the protection against cybercrime afforded by cybersecurity insurance.

“I think from a software engineering perspective, it’s probably fair to say that this is the largest and most sophisticated attack that the world has ever seen,” said Microsoft President Brad Smith, characterizing the December SolarWinds cybersecurity hack on the February 14, 2021 episode of 60 Minutes. As such, the attack on the Austin, Texas-based software developer replaced the 2013 Target data breach as the most heinous cybercrime yet discovered. The enormity and nature of the attack hold lessons for us all.

The “supply chain attack” was executed through an “advanced persistent threat (APT)” vector. The supply chain attack is considered the most intrusive third-party breach because it impacts trusted, highly integrated computer systems of multiple organizations within a supply chain. APT attacks are perpetrated by the most sophisticated cyber adversaries, such as nation-states, organized crime, and activist groups. APTs are often long-term, multi-phase attacks that focus on reconnaissance while using obfuscation techniques that allow them to operate undiscovered for months or even years.

The SolarWinds attack, suspected to have been launched by the Russian government, was a so-called “Trojan Horse,” where malicious software, or “malware,” was disguised as a software patch, that is, a fix for a vulnerability identified by the software developer. The “ingress attack,” which focuses on intrusion into computer systems, gave the hackers backdoor access to the computer networks of approximately 18,000 customers of the SolarWinds Orion platform. Likely initiated in March 2020, the APT was not discovered until December 2020, giving the hackers nine months of “dwell time,” that is, nine months of undiscovered access to those 18,000 computer systems.
