
The SolarWinds Sunburst attack has been in the headlines since
it was first discovered in December 2020.

As the so-called layers of the onion are peeled back, additional
information regarding how the vulnerability was exploited, who was
behind the attack, who is to blame for the attack, and the
long-term ramifications of this type of supply chain
vulnerability continues to be actively discussed.

Cybersecurity company Cynet is taking a needed step back to
provide a full picture of the SolarWinds attack from start to
finish in an upcoming webinar, “Lessons Learned from the SolarWinds
SUNBURST Attack[1].”

Information regarding many aspects of the attack has been coming
out in pieces, but we haven’t yet seen this type of comprehensive
overview of the technical steps behind the full attack, as well as
clear recommendations for protecting against similar future
attacks.

And this is precisely what’s needed so security professionals
can gain insights on the attack tactics, technologies, and
processes to apply the appropriate strategic defense measures to
prevent being a victim of targeted supply chain attacks.

Evil, Yet Impressive

From their first stealthy access to the SolarWinds environment
in September 2019, the hackers brilliantly staged and carried out
an attack that ultimately led to the compromise of systems in over
40 government agencies, including the National Nuclear Security
Administration (NNSA), the US agency responsible for nuclear
weapons. Targets in other countries, including Canada, Belgium,
Britain, and Israel, were also hit.

The Cynet webinar unpacks the attack to explain the build
process used by the attackers and then highlights the capabilities
of the Sunburst, Teardrop, and Raindrop malware used in the
attack.

Then, Cynet reviews the clever “kill switch” capabilities built
into the backdoor to help ensure that it would not be discovered by
security analysts.

Also, the webinar discusses the many new vulnerabilities that
were exposed in SolarWinds’ software and their ramifications.

A Look Forward

With a full understanding of how the attack was carried out, we
can then determine whether we’re likely to see these types of
supply chain attacks proliferate and whether nation-states are
already targeting key suppliers.

Unfortunately, in a field where success begets success, it’s all
too certain that similar attack approaches are actively underway
somewhere. Cynet also shares their perspective on this topic during
the webinar.

Given that most companies do rely on third-party providers for
much of their core software, what should they do to protect
themselves? The question is especially pressing given that these
companies have little choice but to continue their use of
third-party software that could potentially be weaponized, despite
the best efforts of the third-party providers to protect themselves.

Cynet provides guidance on defense measures that should be
applied to ensure you’re not a victim of a supply chain attack even
though you have no visibility or control over your supplier’s
security. It’s important that companies come to realize that these
trusted third-party relationships can be, and have been, compromised.
And action must be taken now.

Register for the webinar here[2]

References

  1. Lessons Learned from the SolarWinds SUNBURST Attack (cynet.easywebinar.live)
  2. Register for the webinar here (cynet.easywebinar.live)