Sign up to save your podcasts
Or
Share #45 - Hacker History: SolarWinds
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
#45 - Hacker History: SolarWinds
In this episode of The Cybersecurity Defenders Podcast, we recount some hacker history, and with the help of John Bambenek, tell the story of one of the largest and most complicated supply chain attacks in history: SolarWinds
On December 13, 2020, The Washington Post reported that multiple government agencies were breached through SolarWinds's Orion software.
Victims of this attack include the cybersecurity firm FireEye, the US Treasury Department, the US Department of Commerce's National Telecommunications and Information Administration, as well as the US Department of Homeland Security.Prominent international SolarWinds customers investigating whether they were impacted include the North Atlantic Treaty Organization (NATO), the European Parliament, UK Government Communications Headquarters, the UK Ministry of Defence, the UK National Health Service (NHS), the UK Home Office, and AstraZeneca. FireEye reported the hackers inserted "malicious code into legitimate software updates for the Orion software that allow an attacker remote access into the victim's environment" and that they have found "indications of compromise dating back to the spring of 2020". FireEye named the malware SUNBURST. Microsoft called it Solorigate.
The attack used a backdoor in a SolarWinds library; when an update to SolarWinds occurred, the malicious attack would go unnoticed due to the trusted certificate.
The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.
View all episodes
By LimaCharlie
5
2424 ratings
In this episode of The Cybersecurity Defenders Podcast, we recount some hacker history, and with the help of John Bambenek, tell the story of one of the largest and most complicated supply chain attacks in history: SolarWinds
On December 13, 2020, The Washington Post reported that multiple government agencies were breached through SolarWinds's Orion software.
Victims of this attack include the cybersecurity firm FireEye, the US Treasury Department, the US Department of Commerce's National Telecommunications and Information Administration, as well as the US Department of Homeland Security.Prominent international SolarWinds customers investigating whether they were impacted include the North Atlantic Treaty Organization (NATO), the European Parliament, UK Government Communications Headquarters, the UK Ministry of Defence, the UK National Health Service (NHS), the UK Home Office, and AstraZeneca. FireEye reported the hackers inserted "malicious code into legitimate software updates for the Orion software that allow an attacker remote access into the victim's environment" and that they have found "indications of compromise dating back to the spring of 2020". FireEye named the malware SUNBURST. Microsoft called it Solorigate.
The attack used a backdoor in a SolarWinds library; when an update to SolarWinds occurred, the malicious attack would go unnoticed due to the trusted certificate.
The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.
More shows like The Cybersecurity Defenders Podcast
View all
Risky Business
365 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
636 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
366 Listeners
Hacked
183 Listeners
CyberWire Daily
1,009 Listeners
Smashing Security
312 Listeners
Click Here
415 Listeners
Darknet Diaries
7,913 Listeners
Cybersecurity Today
166 Listeners
CISO Series Podcast
189 Listeners
Hacking Humans
314 Listeners
Defense in Depth
74 Listeners
Cyber Security Headlines
127 Listeners
Risky Bulletin
43 Listeners
Hacker And The Fed
167 Listeners