The massive cyber attack on the United States via information technology vendor SolarWinds continues to send Shockwaves through the departments of Defense, State and Homeland Security as well as other agencies. Damage assessments are ongoing. If the U.S. government in general and Defense Department in particular are to successfully defend against attacks by well-funded, patient and highly motivated enemies, they will need to change their approach to defending their networks and systems. First detected in December 2020, the Sunburst attack was quiet and insidious. Hackers injected malicious code into SolarWinds' information technology management suite, Orion, providing a toehold into 18,000 of their customers for nine months before it was discovered. By late January 2021, investigators began to think the hackers also had exploited weaknesses in additional supply chain vendors, including Microsoft's Office 365 and VMware. U.S. intelligence agencies believe SVR, Russia's intelligence agency, directed the hackers, who are variously called Dark Halo or Cozy Bear.
展开▼