Risk & Repeat: SolarWinds attacks come into focus

This week's Risk & Repeat podcast discusses the scope of the SolarWinds backdoor attacks, which has become clearer in recent weeks.

Several organizations, including Microsoft and the U.S. Department of Justice, have disclosed breaches in which suspected Russian state-sponsored hackers exploited the SolarWinds backdoor and gained access to sensitive data. At the same time, other companies such as VMware, Cisco and Intel have disclosed that they received the malicious SolarWinds Orion updates but found no evidence that the backdoor was exploited. As a result, authorities believe the SolarWinds attacks were part of a cyberespionage campaign that targeted specific organizations for intelligence gathering, though events are still unfolding.

In addition, this episode examines the cybersecurity implications of the Capitol Building riots on Jan. 6 in Washington, D.C. During the riots, several protesters broke into the offices of members of Congress, where computers and workstations were accessible. SearchSecurity editors Rob Wright and Alex Culafi discuss the possible cybersecurity risks that resulted from the physical access to those systems.