The attacks that happened in December and affected local, state, federal, and private organizations in the United States were a well-orchestrated effort believed to have been carried out by the Russian intelligence agency. Russian government-funded hackers have carried out various hacking exploits before, but the SolarWinds attack is one of the biggest breaches in recent history. The Russian hacking activists used malware and other techniques unbeknownst to the investigative officials and known to the public. The Russian activists that performed the attack were very proficient and didn’t leave many traces of the attack.
The attack has led to widespread criticism of, and skepticism about, the defenses of various companies, including Microsoft and FireEye. The government has gone on record stating that the attack has had a crippling effect on trust in the infrastructure security of the various companies. Many questions were raised about the protection of critical government agencies and private companies after the breach. The breach has been highly publicized, and many adjustments have been made to help limit its damage.
The SolarWinds attack shows that an intuitive approach is needed to stay aware of the potential threat vectors and techniques that criminal hackers use to infiltrate organizations and government facilities. I believe an insider threat actor is responsible for the major aspects of the breach and for infiltrating the organization, contributing to the breach of the computer systems. The mean time to detect was in line with the time expected given the severity of the breach.
The most recognized effect of the SolarWinds attacks is the scaling up of security measures to protect the systems that were affected and to improve the protection of data that is of the utmost importance. Another effect is that the attack awakened organizations' attention to the security vulnerabilities present in their major and minor operations. A further effect is the change in the reporting and detection mechanisms used for cyber breaches.
In conclusion, the SolarWinds attacks show a lack of preparation and of awareness of the security procedures that could have prevented the breach from occurring. There were various effects that contributed to the event occurring that may or may not be preventable. With the tight security associated with the SolarWinds company, I briefly explained why I believe it is most likely an insider threat. Finally, there are major repercussions that have to be dealt with expeditiously to prevent another attack from occurring and to limit the effect of the data breach.