28 Dec 2020

With time going by and no real response from the White House regarding the SolarWinds breach, it can be pretty easy to forget about it and move on to the next media cycle.  Because that’s what we tend to do here in the US.

However, doing that is just NOT a good idea in this situation.

This attack was one of the most sophisticated attacks in the nation’s history and truly spotlit our cyber flaws.  Going on two weeks since the attack, here is what we know, and here are the steps we need to take…

Scope

While we still don’t know the exact number of government agencies and businesses that have been breached, we know it has touched departments from Homeland Security to the CDC and is the largest (known) breach since 2014, when the Office of Personnel Management was hacked.

Attack

It’s also important to note that this attack wasn’t a “cyberattack,” per se.  It was a Russian-state espionage mission which means they weren’t trying to HURT our networks and systems, exactly; rather, their goal was exfiltration of data.  The distinction is an important one because the ramifications of an attack versus espionage are fairly significant.  The expectation is that spying on other nations is something that is known and accepted while attacks will often call for a show of force.

However, it does cast doubt on the US’s cyber security strategies, which have evolved from “deterrence” to “defend forward.”  Deterrence is where the US attempted to stop the enemy before they started, through the use of threats.  Threats, to work, need to have teeth… All bark and no bite is not only a terrible way to play, but it’s also a terrible way to measure effectiveness because, how do you know if your tactic worked when there’s nothing to see here, folks?  If your adversary thinks that there will be no consequences (or moderate consequences) for their actions, what’s stopping them?  On the flip side, destroying a city or dropping bombs on civilians is a pretty extreme response to a data breach, so where is the happy medium?

Because cyber spying is so common, punishments are difficult to dole out.

At this point, it’s still unknown just how far-reaching the effects will be, but what’s clear is that our strategy didn’t work… Which is why they seem to be shifting from “deterrence” to “defend forward (DF).”

DF is meant to help plug the holes left behind from deterrence methods and was unveiled in 2018… As many of you might realize, it’s 2020, so clearly something went wrong.  DF is meant to “…halt malicious cyber activity at its source…” but it hasn’t seemed to become a fully realized ideal and the US clearly needs to beef up its cyber security practices.

Sophistication

This breach’s most notable feature is just how insanely sophisticated and meticulously planned it was.  While it followed a rather common path in that it snuck into the networks and expanded whenever and wherever possible, it was remarkable in that it was able to exploit a vulnerability in SolarWinds’ software process that was then spread far and wide… but with almost no detection and lots of cover-up.

And while the course of the attack looked similar to other attacks, the beginning is where you really see just how advanced the bad guys are.  It started with a software vulnerability, and they embedded that vulnerability as code, which gave them access to some really sensitive data, like the tools used by FireEye for Red Team testing – this is HUGE and extremely dangerous because it helps the enemies of our state understand more fully the actions that we are taking in our defense and offense.

What’s Next?

While we can’t very well force the US government to do what needs to be done, what’s clear is that layered protection is a necessity.  It’s also vitally important that we start to really take cyber hygiene seriously.  Just think about when you were a preteen and started to get blemishes on your face… the same routine you were using clearly isn’t working anymore and it’s time to figure out what works so you don’t suffer from needless scarring in the future.

For example, in order to minimize the impact of a future breach, the US should improve its cyber security by adding much-needed layers while also conducting counterintelligence and counter cyber operations, thus expanding its “defend forward” strategy, in addition to attempting to deter attacks in general.

It doesn’t make sense to rely on deterrence-only as a tactic and it clearly doesn’t work.

While, again, neither you nor I can effect direct change on the government, we can control ourselves and fortify our own vulnerabilities.  A great starting point is to review our Remote Security Checklist, which gives a number of ways to start layering your cyber security for greater protection against bad actors.  We also strongly urge you to contact a cyber security specialist.  Most firms, like ours, will conduct a free consultation where you can ask questions and gain insight into your cyber security needs.  Feel free to call us at 919-422-2607, or visit our online scheduler.

Please stay safe out there, and remember that hackers TRULY have no shame.
