Updated: Jul 31
This fantastic article from Fast Company highlights the new realities of cybersecurity and makes a strong case for corporate cyber-response readiness.
What it was like inside Microsoft during the worst cyberattack in history
Microsoft president Brad Smith describes the chaos inside the tech giant during the SolarWinds hack.
My takeaways from this great article are:
Hostile governments are investing in technology as a way to steal intellectual property from private businesses as well as from the highest levels of the US government.
Technology is transforming the form of hostility between nations: over the last 80 years, the actors have evolved from soldiers to spies to hackers.
Nation-state hackers are investing deeply in hacking strategies that enable extreme, global scale.
The characteristics of the hostile-nation attack are sophistication, persistence, and patience.
Hackers are piggybacking on software updates that come from a trusted partner, in this case SolarWinds. As a result, their malware travels over trusted networks, and by leveraging the healthy habit of patching, they are able to distribute their payload onto sensitive networks around the world in a matter of just a few days.
These threat actors are using US-based platforms, such as GoDaddy and Amazon Web Services, as their command and control centers to avoid detection.
The two critical questions that need to be answered as quickly as possible after an attack are: How did the attacker gain entry, and what network credentials did the attacker obtain?