In this episode of the My TechDecisions Podcast, MJ Shoer, senior vice president and executive director of the CompTIA Information Sharing and Analysis Organization, joins the podcast to talk about the recent SolarWinds hack.
As many in the IT community know, one of the major risks of doing business is the threat of a cyber attack, and there’s no greater recent example than the compromise of IT network management software from SolarWinds, one of the more popular IT software providers in the industry.
According to MJ and other cybersecurity experts, this highly sophisticated threat actor inserted malicious code into an update of the SolarWinds Orion platform, which then gave attackers access to nearly 18,000 networks of SolarWinds customers.
Not every customer was breached further, but some very high profile customers were, including the U.S. Treasury and Commerce Departments, cyber agencies within the U.S. department of homeland security, cybersecurity firm FireEye and other organizations that could yield valuable information and data for U.S. adversaries.
Officials also believe the SolarWinds platform isn’t the only piece of legitimate software being leveraged in these attacks. The situation is still developing and we’re learning more by the hour, so we’ll keep you updated as new information becomes available.
Listen to this podcast using the embedded player below, or use the link to download (right-click to save) or to listen using your system's media player. On mobile devices simply click the Download this Audio File link below and your devices player will automatically play the file.
Listen to My TechDecisions Podcast Episode 111: Responding to the SolarWinds Orion Compromise
Filesize: 17 MB