This content is part of the Essential Guide: SolarWinds breach news center
News Stay informed about the latest enterprise technology news and product updates.

Risk & Repeat: SolarWinds backdoor shakes infosec industry

Listen to this podcast

This week's Risk & Repeat podcast discusses the latest developments around the devastating SolarWinds backdoor attacks, which impacted several U.S. government agencies.

This week's Risk & Repeat podcast discusses the latest developments in the massive SolarWinds backdoor attacks, which have resulted in the breaches of several U.S. government agencies, as well as cybersecurity vendor FireEye.

The breaches, which have been attributed to suspected nation-state hackers, were the result of a supply chain attack on SolarWinds. Threat actors implanted a backdoor, dubbed Sunburst, in legitimate, digitally signed software updates for SolarWinds' Orion IT management platform. While Microsoft, FireEye and other companies have taken several steps to mitigate the threat and protect organizations, the extent of the Sunburst threat campaign is unclear. The Cybersecurity and Infrastructure Security Agency issued an alert Thursday that said the Orion platform is not the only initial infection vector the threat actors are using, and the ongoing attacks represent a "grave risk" to both public and private sector organizations.

SearchSecurity editors Rob Wright and Alex Culafi discuss the fallout from the attacks, the response effort from the government and private sector, and the silver linings for the infosec community.

SearchCloudSecurity
SearchNetworking
SearchCIO
SearchEnterpriseDesktop
SearchCloudComputing
ComputerWeekly.com
Close