THREAT INTEL: SOLAR WINDS – Over 18,000 Clients exposed in the most invasive cyberattack in history

Gibraltar: Monday 08 July 2024 at 12:50 CET

THREAT INTEL: SOLAR WINDS: the most invasive cyberattack in history, impacting 18,000 clients, including critical U.S. government agencies

By Andy Jenkinson – Guest Contributor | Group CEO Cybersec Innovation Partners
via CYBERInsights
In December 2020, the world witnessed one of the most invasive Cyberattacks in history, targeting SolarWinds and impacting 18,000 clients, including critical U.S. government agencies.

At the time, we extensively researched this incident and provided crucial evidence to the Senate Intelligence Committee, and we authored “Stuxnet to Sunburst: 20 Years of Digital Exploitation.”

It was later confirmed, perfectly aligned with our research and findings, that SolarWinds had been exploited by compromised Not Secure and Insecure subdomains and servers.

Despite our ongoing efforts to assist SolarWinds and Tim Brown in addressing the identified security vulnerabilities, it is with profound disappointment that we report their continued exposure to Cyber Threats.

Our recent investigation uncovered alarming evidence of NOT SECURE SolarWinds Orion subdomains and INSECURE DNS servers, illustrating a persistent negligence in SolarWinds' cybersecurity measures.

The original exploitation of these weaknesses by malicious actors, who injected harmful code into the Orion software (Sunburst), which was subsequently trusted and downloaded automatically by users, highlighted a severe oversight that remains unrectified.

SolarWinds' failure to secure their digital infrastructure, even after the catastrophic breach and our repeated offers of assistance, is inexcusable.

This negligence not only compromises their clients’ sensitive data but also endangers national security. The persistent vulnerability of SolarWinds' Assets underscores a critical need for immediate, robust security enhancements to prevent future incidents.

As we prepare to present our findings at this week's Forensic Science Guild, we publicly call upon SolarWinds to take urgent action. The ongoing risks posed by their insecure systems demand accountability and immediate remediation.

It is imperative that SolarWinds acknowledges the gravity of their security lapses and implements comprehensive measures to safeguard against further Cyberattacks. The time for action is now, before another devastating breach occurs, or to halt the ongoing MiTM attacks in flight.


About Andy Jenkinson

Group CEO CIP. Fellow Cyber Theory Institute. Director Fintech & Cyber Security Alliance (FITCA) working with Governments. Recognised Expert in Internet Asset & DNS Vulnerabilities.

Andy Jenkinson is a senior and seasoned innovative Executive with over 30 years’ experience as a hands-on lateral thinking CEO, coach, and leader. A ‘big deal’ business accelerator, and inspirational, lateral thinker, Andy has crafted, created, and been responsible for delivering £100s of millions of projects within the Cyber, Technical, Risk and Compliance markets for some of the world’s largest, leading organisations. Andy has a demonstrable track record of large-scale technical delivery and management within many sectors including the Professional, Managed, and Financial Services.