
When the World Wide Web was developed in the late 1980s, the idea was that you could get information from the platform easily. Well, that certainly worked. In the past thirty years, this “interconnectedness” has brought benefits and unexpected risks.
One of the dangers is the ease with which one system connects to another. That is great if you want to validate a person’s identity; it is just as useful to a malicious actor who wants to place code in a system that updates automatically.
The most egregious example of the danger of automatic interconnectedness is the SolarWinds event. Systems were set up so that network “A” trusted code from network “B.” The cyber attackers took advantage of this trust and inserted code into the target system.
The implication for systems managers is obvious: if your architecture is designed to connect to trusted third-party solutions providers, how can you know the code is clean? If you combine that with the lack of staff that most state and local governments have, then you have a serious problem. To amplify the situation, remote connections blossomed during COVID and the number of logs to manage is out of control.
This is a discussion where subject matter experts from software companies, federal leaders, and county practitioners sit down to offer some suggestions for solving this vexing problem. One possibility is to treat code in a “suspected” manner: consider each system update malicious and run it in a sandbox before deploying. Unfortunately, this is a labor-intensive process, and we are assuming a situation with a lack of professionals.
Bill Harrod from Ivanti suggests that systems administrators can take advantage of artificial intelligence and automation to vet patches and updates quickly. If there is an issue, remediation can take place rapidly.
Another remedy discussed was including text in future contracts where software vendors must assure end users that the code they provide has been thoroughly evaluated. This does nothing for a system in place today, but it is a good long-term preventative measure.