Sign up to save your podcasts
Or
Share Anatomy of a Hack: SolarWinds and Ripples Beyond
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Anatomy of a Hack: SolarWinds and Ripples Beyond
In this special “3x”-long episode of our (otherwise shortform) news analysis show 16 Minutes -- past such 2-3X explainer episodes have covered section 230, Tiktok, GPT-3, the opioid crisis, more -- we cover the SolarWinds hack, one of the largest (if not the largest!) publicly known hacks of all time... and the ripple effects are only now starting to be revealed. Just this week, the U.S. Cybersecurity and Infrastructure Security Agency shared (as reported in the Wall Street Journal) that approximately 30% of both private-sector and government victims linked to the hack had no direct connection to SolarWinds. So who was compromised, do they even know, can they even know?!
Because this hack is a supply-chain compromise involving various third-party software and services all connected together in a "chain of chains", the knock-on effects of it will be revealed (or not!) for years to come. So what do companies -- whether large enterprise, mid-sized startup, or small business -- do? What actually happened, and when does the timeline really begin? While first publicly revealed in December 2020 -- we first covered the news in episode #49 here when it first broke, and there have been countless headlines since (about early known government agency victims, company investigations, other tool investigations, debates over who and how and so on) -- the hack actually began not just a few months but years earlier, involving early tests, legit domains, and a very long game.
We help cut through the headline fatigue of it all, tease apart what's hype/ what's real, and do an "anatomy of a hack" step-by-step teardown -- the who, what, where, when, how; from the chess moves to technical details -- in an in-depth yet accessible way with Sonal Chokshi in conversation with a16z expert and former CSO Joel de la Garza and outside expert Steven Adair, founder and president of Volexity. The information security firm (which specializes in incident response, digital forensics/ memory analysis, network monitoring, and more) not only posted guidance for responding to such attacks, but also an analysis based on working three separate incidents involving the SolarWinds hackers. But how did they know it was the same group? And why was it not quite the perfect crime?
image: Heliophysics Systems Observatory spacecraft characterize, in the highest cadence, the constant stream of particles exploding from the sun affect Earth, the planets, and beyond via NASA Goddard Space Flight Center / Flickr
View all episodes
By Andreessen Horowitz
4.5
104104 ratings
In this special “3x”-long episode of our (otherwise shortform) news analysis show 16 Minutes -- past such 2-3X explainer episodes have covered section 230, Tiktok, GPT-3, the opioid crisis, more -- we cover the SolarWinds hack, one of the largest (if not the largest!) publicly known hacks of all time... and the ripple effects are only now starting to be revealed. Just this week, the U.S. Cybersecurity and Infrastructure Security Agency shared (as reported in the Wall Street Journal) that approximately 30% of both private-sector and government victims linked to the hack had no direct connection to SolarWinds. So who was compromised, do they even know, can they even know?!
Because this hack is a supply-chain compromise involving various third-party software and services all connected together in a "chain of chains", the knock-on effects of it will be revealed (or not!) for years to come. So what do companies -- whether large enterprise, mid-sized startup, or small business -- do? What actually happened, and when does the timeline really begin? While first publicly revealed in December 2020 -- we first covered the news in episode #49 here when it first broke, and there have been countless headlines since (about early known government agency victims, company investigations, other tool investigations, debates over who and how and so on) -- the hack actually began not just a few months but years earlier, involving early tests, legit domains, and a very long game.
We help cut through the headline fatigue of it all, tease apart what's hype/ what's real, and do an "anatomy of a hack" step-by-step teardown -- the who, what, where, when, how; from the chess moves to technical details -- in an in-depth yet accessible way with Sonal Chokshi in conversation with a16z expert and former CSO Joel de la Garza and outside expert Steven Adair, founder and president of Volexity. The information security firm (which specializes in incident response, digital forensics/ memory analysis, network monitoring, and more) not only posted guidance for responding to such attacks, but also an analysis based on working three separate incidents involving the SolarWinds hackers. But how did they know it was the same group? And why was it not quite the perfect crime?
image: Heliophysics Systems Observatory spacecraft characterize, in the highest cadence, the constant stream of particles exploding from the sun affect Earth, the planets, and beyond via NASA Goddard Space Flight Center / Flickr
More shows like 16 Minutes News by a16z
View all
Freakonomics Radio
32,051 Listeners
This Week in Startups
1,287 Listeners
The Twenty Minute VC (20VC): Venture Capital | Startup Funding | The Pitch
538 Listeners
The Official SaaStr Podcast: SaaS | Founders | Investors
175 Listeners
Acquired
4,627 Listeners
The Knowledge Project
2,684 Listeners
Entrepreneurial Thought Leaders (ETL)
707 Listeners
a16z Show
1,085 Listeners
Google DeepMind: The Podcast
200 Listeners
Dry Powder: The Private Equity Podcast
147 Listeners
All-In with Chamath, Jason, Sacks & Friedberg
9,873 Listeners
Raising Health
148 Listeners
a16z Live
25 Listeners
Business Breakdowns
350 Listeners
web3 with a16z crypto
62 Listeners
Moonshots with Peter Diamandis
540 Listeners
BG2Pod with Brad Gerstner and Bill Gurley
498 Listeners