SCSW Again in 2020, Eric Scales led the incident response workforce investigating a nation-state hack that compromised his firm’s servers together with these at federal companies and tech giants together with Microsoft and Intel.
“It was much like a fraternity rush – the perfect expertise I by no means wish to do once more,” Scales, head of incident response at Mandiant, instructed The Register. “It was fairly intense. Little did we all know we had been going to be in the midst of the supply-chain assault of the last decade.”
This, after all, was SolarWinds assault, which has since been attributed to Russia’s Cozy Bear gang, and along with being essentially the most high-profile supply-chain breach, it was additionally throughout the COVID-19 lockdown, so the IR workforce’s battle room was completely digital.
Greater than two years later, “I do not suppose we have improved a lot in any respect,” he mentioned. “Evidently provide chain assaults are simply on the rise.” And nowadays, criminals are particularly eager on attacking open supply software program libraries, he famous.
Nonetheless, there are beneficial classes to be discovered from SolarWinds, and Scales has some good recommendations on how firms can defend themselves and what organizations ought to do in the event that they discover themselves in an analogous scenario.
As Scales instructed us: “This downside is just not going away — it is simply going to get larger.” ®