Listen to The Threat Talks on:
Deep Dive – SolarWinds: The danger of third-party software
Your cybersecurity experts
SolarWinds: The danger of third-party software
Dive into the details of the SolarWinds supply chain attack with this episode of Threat Talks. Explore how 18,000 entities, including the US government and Fortune 500 companies, were compromised through sophisticated malware, Sunburst.
Learn from experts Lieuwe Jan Koning, Rob Maas and Luca Cipriano about the attack’s mechanisms, the importance of a Zero Trust strategy, and how to mitigate such risks.
Discover resources and infographics for further exploration and internal presentations at threat-talks.com. Stay informed on cybersecurity with Threat Talks.
Episode details:
The discussion begins by clarifying the role of SolarWinds Orion, an IT monitoring and management software pivotal to the attack. The conversation transitions into an exploration of supply chain attacks, with a particular focus on the SolarWinds incident where malicious code was injected into a legitimate software update, a sophisticated method attributed to a Russian APT group known as Cozy Bear.
This malware, known as Sunburst, was designed to be stealthy, executing only under specific conditions to avoid detection. The intricacies of its operation, including evasion techniques and the disabling of security software, highlight the advanced nature of this threat. The dialogue emphasizes the criticality of not solely relying on endpoint detection and response solutions and advocates for a Zero Trust strategy to mitigate such risks.
As we conclude with a strong call to action for organizations to tighten security policies and control outbound traffic, one critical question remains: How prepared is your organization to thwart these sophisticated attacks? Tune in to find out how you can bolster your defenses.
Subscribe to our Spotify channel and stay up to date with every cybersecurity treat.