I. Supply Chain Attacked
Suspected Russian hackers spied on U.S. Treasury emails - sources
A far-reaching nation-state attack has exposed large global and government organisations.
This was done through a manual supply chain compromise of the popular IT infrastructure platform SolarWinds, which led to the insertion of a malicious DLL file containing a backdoor into its official update.
This backdoor lies dormant for a couple of weeks and then activates itself to perform a wide range of adversarial activities. It can exfiltrate data, move laterally and take complete control of the compromised systems.
Read more about it on this page.
CISO Check:
How do you secure your software build pipeline against advanced supply chain attacks?
What processes do you have to detect and correct a compromised system being used in your network?
II. Google Services Outage - Act II
Google services users (not Google search) found themselves locked out of their Google accounts for more than an hour.
This was apparently caused by a configuration incorrectly applied to a large number of servers across neighbouring regions. Read the official Google statement here.
Services not being available for about an hour is no big deal. But this is Google. Millions of users who rely on Google services for mission-critical work were left in the lurch.
We’ve written about cloud service unavailability in CyberInsights Weekly #8. The questions get more pertinent now and so, we ask them again here.
CISO Check:
What is the impact of cloud service failure on your business?
Do you know how many of your business partners depend on the cloud to provide you services?
Does your BCP need to have a scenario for cloud failure?
III. Quote of the week
There is no cloud. It is just someone else’s computer. - Origin unknown
Have an original, interesting cybersecurity quote? Let us know in the comments and we will publish it along with your name in our quotes section.