{"id":9490,"date":"2024-06-11T07:54:52","date_gmt":"2024-06-11T05:54:52","guid":{"rendered":"https:\/\/cyberinsights.iainfraser.net\/?p=9490"},"modified":"2024-06-12T16:20:53","modified_gmt":"2024-06-12T14:20:53","slug":"threat-intel-solarwinds-the-worlds-most-invasive-and-destructive-cyberattack-to-date","status":"publish","type":"post","link":"https:\/\/smecyberinsights.co.uk\/index.php\/2024\/06\/11\/threat-intel-solarwinds-the-worlds-most-invasive-and-destructive-cyberattack-to-date\/","title":{"rendered":"THREAT INTEL: SOLARWINDS \u2013 The world\u2019s most invasive and destructive Cyberattack, to date."},"content":{"rendered":"\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t<\/a>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\"Iain\t\t\t\t\t\t\t\t\t\t\t
Image Credit: IfOnlyCommunications<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t<\/a>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

Gibraltar: Tuesday 11 June 2024 at 07:40 CET<\/p>\n

THREAT INTEL: SOLARWINDS \u2014 The world\u2019s most invasive and destructive cyberattack, to date.<\/strong><\/p>\n

By Andy Jenkinson \u2014 Guest Contributor | Group CEO\u00a0Cybersec Innovation Partners<\/a>
\nvia\u00a0IainFRASER.net\/CYBERInsights<\/a>
\nSME Cyber Insights<\/a><\/p>\n

Google Indexed on 110624 at 09:10 CET<\/a><\/p>\n

#SMECyberInsights #SMECybersecurityNews #Cybersecurity #WhitethornShield #InternetSecurity #Cybercrime #CyberInsurance #DNS #PKI<\/em><\/p>\n

THREAT INTEL: SOLARWINDS \u2014 The world\u2019s most invasive and destructive cyberattack, to date.<\/strong><\/p>\n

The day\u00a0<\/strong>SolarWinds<\/strong><\/a>\u00a0finally listened and realized their massive security oversight -13 May 2021.<\/strong><\/p>\n

The world\u2019s most invasive and destructive cyberattack, to date, was discovered by Fireye at\u00a0<\/strong>SolarWinds<\/strong><\/a>\u00a0in December 2020.\u00a0<\/strong>SolarWinds<\/strong><\/a>\u00a0had unknowingly suffered a subdomain takeover and a DNS attack. Both exploited\u00a0<\/strong>SolarWinds<\/strong><\/a>\u2018 poor security of their critical Internet Assets.<\/strong><\/p>\n

We reached out to\u00a0Tim Brown<\/em><\/a>,\u00a0SolarWinds<\/strong><\/a>\u00a0CISO and shared information of their exposure. Several months later many were addressed, albeit a tad late.<\/p>\n

The\u00a0DNS<\/strong>\u00a0related attachments mean much more than is\u00a0DNSSEC<\/strong>\u00a0used or not. They provide a comprehensive overview and identification of the\u00a0DNS<\/strong>\u00a0and Servers in use:<\/p>\n

1) INSECURE DNS<\/strong>\u00a0records and Servers of\u00a0SolarWinds<\/a>\u00a0dated 13 May 2021
\n2) SECURE DNS<\/strong>\u00a0records and Servers of\u00a0SolarWinds<\/a>\u00a0dated 14 May 2021
\n3) SECURE<\/strong>\u00a0Named Servers of\u00a0SolarWinds<\/a>\u00a0dated 14 May 2021
\n4) INSECURE<\/strong>\u00a0Named Servers of\u00a0SolarWinds<\/a>\u00a0dated 13 May 2021<\/p>\n

On the 13\/14 May 2021, 5 months after the discovery of the crippling, long term cyberattack,\u00a0Tim Brown<\/em><\/a>\u00a0<\/em>and\u00a0SolarWinds<\/strong><\/a>\u00a0finally addressed these\u00a0DNS<\/strong>\u00a0Named Servers.<\/p>\n

The move from\u00a0INSECURE DNS<\/strong>\u00a0Named Servers, to\u00a0SECURE DNS<\/strong>\u00a0Named Servers marked a profound leap in resilience and security for\u00a0SolarWinds<\/strong><\/a>.<\/strong><\/p>\n

Prof Bill Buchanan OBE FRSE<\/em><\/a>\u00a0wrote a paper on December 10 2015,\u00a0\u201dThe Most Fragile of Foundations of The Cyber Age \u2014 DNS\u201d<\/em><\/p>\n

Companies that collect, collate, harvest, and use large amounts of data whilst lacking control and management of their\u00a0DNS<\/strong>\u00a0are simply waiting and fueling\u00a0Cybercrime.<\/strong><\/p>\n

The Will to Act, like ignorance, is a choice.<\/strong><\/p>\n

Sadly all too often poor choices on both fronts are made. When this occurs, companies and organizations remain exposed, vulnerable, and insecure. These companies greatly increase their chances to be added to the list of victims.<\/p>\n

You can be Reactive to the Facts, as\u00a0Tim Brown<\/em><\/a>\u00a0and\u00a0SolarWinds<\/strong><\/a>\u00a0were, or Proactive and address these critical Internet Assets and\u00a0DNS<\/strong>\u00a0servers.<\/p>\n

FBI Cyber Division<\/em><\/a>\u00a0<\/em>Federal Bureau of Investigation (FBI)<\/em><\/a>\u00a0<\/em>The White House<\/em><\/a>\u00a0<\/em>GCHQ<\/em><\/a>\u00a0<\/em>National Cybersecurity Coordination Center (NCSCC)<\/em><\/a>\u00a0<\/em>Information Commissioner\u2019s Office<\/em><\/a>\u00a0<\/em>U.S. Securities and Exchange Commission<\/em><\/a><\/p>\n

<\/code><\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"SolarWinds\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\tLearn More \/...<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

About Andy Jenkinson<\/span><\/strong><\/p>\n

Group CEO CIP. Fellow Cyber Theory Institute. Director Fintech & Cyber Security Alliance (FITCA) working with Governments. Recognised Expert in Internet Asset & DNS Vulnerabilities.<\/span><\/strong><\/p>\n

Andy Jenkinson is a senior and seasoned innovative Executive with over 30 years\u2019 experience
\nas a hands-on lateral thinking CEO, coach, and leader. A \u2018big deal\u2019 business accelerator, and
\ninspirational, lateral thinker, Andy has crafted, created, and been responsible for delivering
\n100\u2019s \u00a3 millions of projects within the Cyber, Technical, Risk and Compliance markets for
\nsome of the world\u2019s largest, leading organisations. Andy has a demonstrable track record
\nof largescale technical delivery and management within many sectors including the
\nProfessional, Managed, and Financial Services.<\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\tLearn More \/...<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t\t
\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

Image Credit: IfOnlyCommunications Learn More \/… Learn More \/…<\/p>\n","protected":false},"author":1,"featured_media":9501,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"cybocfi_hide_featured_image":"yes","footnotes":""},"categories":[440],"tags":[439,515],"ppma_author":[505],"class_list":["post-9490","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyberthreat-intel","tag-cyberthreat-intel","tag-solarwinds"],"featured_image_urls":{"full":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/06\/Image_BlickPixel_Pixabay_ServerRoom2.jpg",1280,853,false],"thumbnail":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/06\/Image_BlickPixel_Pixabay_ServerRoom2-150x150.jpg",150,150,true],"medium":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/06\/Image_BlickPixel_Pixabay_ServerRoom2-300x200.jpg",300,200,true],"medium_large":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/06\/Image_BlickPixel_Pixabay_ServerRoom2-768x512.jpg",640,427,true],"large":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/06\/Image_BlickPixel_Pixabay_ServerRoom2-1024x682.jpg",640,426,true],"1536x1536":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/06\/Image_BlickPixel_Pixabay_ServerRoom2.jpg",1280,853,false],"2048x2048":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/06\/Image_BlickPixel_Pixabay_ServerRoom2.jpg",1280,853,false],"covernews-featured":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/06\/Image_BlickPixel_Pixabay_ServerRoom2-1024x682.jpg",1024,682,true],"covernews-medium":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/06\/Image_BlickPixel_Pixabay_ServerRoom2-540x340.jpg",540,340,true]},"author_info":{"display_name":"Cybersecurity Journalist Iain Fraser","author_link":false},"category_info":"SME CYBER\/THREAT INTEL<\/a>","tag_info":"SME CYBER\/THREAT INTEL","comment_count":"0","authors":[{"term_id":505,"user_id":1,"is_guest":0,"slug":"admin_yjdstq4n","display_name":"Cybersecurity Journalist Iain Fraser","avatar_url":{"url":"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/index_image440-removebg-preview.png","url2x":"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/index_image440-removebg-preview.png"},"0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"_links":{"self":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/9490","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/comments?post=9490"}],"version-history":[{"count":0,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/9490\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/media\/9501"}],"wp:attachment":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/media?parent=9490"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/categories?post=9490"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/tags?post=9490"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/ppma_author?post=9490"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}