This content is part of the Essential Guide: SolarWinds breach news center

Essential Guide

Browse Sections

Risk & Repeat: SolarWinds backdoor shakes infosec industry

By

Rob Wright, Senior News Director

Listen to this podcast

This week's Risk & Repeat podcast discusses the latest developments around the devastating SolarWinds backdoor attacks, which impacted several U.S. government agencies.

This week's Risk & Repeat podcast discusses the latest developments in the massive SolarWinds backdoor attacks, which have resulted in the breaches of several U.S. government agencies, as well as cybersecurity vendor FireEye.

The breaches, which have been attributed to suspected nation-state hackers, were the result of a supply chain attack on SolarWinds. Threat actors implanted a backdoor, dubbed Sunburst, in legitimate, digitally signed software updates for SolarWinds' Orion IT management platform. While Microsoft, FireEye and other companies have taken several steps to mitigate the threat and protect organizations, the extent of the Sunburst threat campaign is unclear. The Cybersecurity and Infrastructure Security Agency issued an alert Thursday that said the Orion platform is not the only initial infection vector the threat actors are using, and the ongoing attacks represent a "grave risk" to both public and private sector organizations.

SearchSecurity editors Rob Wright and Alex Culafi discuss the fallout from the attacks, the response effort from the government and private sector, and the silver linings for the infosec community.

Is network automation adoption necessary?
Automation is not a one-size-fits-all strategy for every network problem. Enterprises must examine their network's needs to ...
How SD-WAN for home offices supports remote work
The market maturation of SD-WAN is leading companies to consider extending the technology to remote workers. Companies should ask...
The role of generative AI in networking
As networks grow more complex, generative AI emerges as a tool that can help network teams with a wide range of tasks, such as ...

CIO

Ally's generative AI strategy eyes multiple LLMs, AI agents
The digital bank plans to privately host multiple LLMs on its GenAI platform, explore autonomous agent technology and evaluate ...
States act on privacy laws as Congress considers new bill
The American Privacy Rights Act introduced this week aims to establish a national privacy standard that would preempt state ...
CHIPS and Science Act funds TSMC, Intel projects
The Biden administration has awarded billions through the CHIPS and Science Act to five companies to invest in building and ...

Enterprise Desktop

How to remove a device from Intune enrollment
When a device reaches its end of life, IT needs to remove that device from any management software, such as Microsoft Intune. But...
Windows XP EOL anniversary: 10 years of endpoint evolution
Windows XP EOL meant upgrading to Windows 7, but times have changed. IT pros can use the next upgrade cycle as an opportunity to ...
Guide to Linux patch management
While patching desktops has some universal aspects across systems, there are specific Linux best practices that Linux ...

Cloud Computing

10 cloud vulnerabilities that can cripple your environment
Enterprises can be devastated by security-related weaknesses or flaws in their cloud environments. Find out where you are most ...
Learn the basics of industry cloud platforms
Healthcare, finance and other specialized industries can ask a lot of cloud services. Find out more about industry cloud ...
Compare ESG tools from AWS, Azure and Google Cloud
ESG standards are beginning to influence how large enterprises procure and consume cloud services. Take a closer look at the ...

ComputerWeekly.com

IT Sustainability Think Tank: Sustainable innovation key to carbon emissions transparency
CIOs and IT leaders must take action now to ensure they have an accurate overview of the carbon emissions, energy use and ...
Nexfibre reaches million premises ready for service benchmark
Months after commitment to billion-pound investment in broadband infrastructure across the course of 2024, UK wholesale provider ...
Sonatus opens software-defined vehicle R&D, engineering centre in Dublin
Software-defined vehicle partner establishes new design centre to take advantage of highly skilled pool of technical and ...

Close