bpmcdevitt/brendan.mcdevitt.tech
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fixed some typos

Browse source
This commit is contained in:
Brendan McDevitt 2020-12-18 13:35:03 -05:00
parent 02c260a75f
commit 05906cc3d4
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
_security/2020-12-17-thoughts-on-solarwinds.markdown
View file

@ -8,19 +8,19 @@ categories: security
## A worst case scenario
What if a threat actor was able to compromise a software program that gave
operators insight into the systems that live on a network? A network map if you will as well as host up/down checking abilities. Oh, and a centralized storage place for credentials?
What if the government (and a whole bunch of other companies with sensitive information) ran this software across alot of its infrastructure?
What if the government (and a whole bunch of other companies with sensitive information) ran this software across most of its infrastructure?
Well that software was SolarWinds, and it has been owned. A nation-state level attack believed to be from Russian hacking group [APT29/CozyBear](https://en.wikipedia.org/wiki/Cozy_Bear) are believed to be behind the hack. They
have compromised many of the internal government networks and work is ongoing to
investigate the damage of companies and government agencies alike.
As I am fairly fresh into a new security research position at [Kenna Security](https://www.kennasecurity.com/)
As I am fairly fresh into a new security research position at [Kenna Security](https://www.kennasecurity.com/),
I want to begin this with a realization that targeted hacking has been going on for years.
Information control is everything in the world today, and the United States
intelligence agencies have developed the systems to capture and collect
a whole bunch of data. This will always be a target to foreign nation-states. Systems will need
a whole bunch of data. This will always be a target to foreign nation states. Systems will need
to be rebuilt from scratch and systems needs to start being forensically imaged/copied and analyzed by
incident response teams and really really skilled hackers and programmers to try to
incident response teams and really really skilled hacker's and programmers to try to
rebuild things in a much more secure manner and track the nation state hackers
footprints.