SolarWinds hack was ‘largest and most sophisticated attack’ ever – Microsoft president

Earlier in 2020, hackers broke into SolarWinds’ systems and added malicious code to the company’s “Orion” software system, used by tens of thousands of customers to manage IT resources. When SolarWinds proceeded to send out software updates that included the affected code, as many as 18,000 customers unknowingly created a back door in their IT infrastructure that gave hackers free rein to view their data.

Unfortunately, cybersecurity breaches have become somewhat commonplace, especially with the rise of public cloud computing, each dominating a news cycle until the next breach replaces it in the headlines. However, the SolarWinds hack has been so extensive and the damage so difficult to assess that the implications are likely to be felt long into the future. With a victim list that includes US agencies such as the Pentagon, Department of Homeland Security, Department of Energy, the National Nuclear Security Administration, and the Treasury, as well as private companies like Microsoft, Cisco, Intel, and Deloitte, and other organizations including hospitals and universities, it is no surprise the White House has assigned this breach its own task force, headed by Anne Neuberger, deputy national security adviser for cyber.

Implications for the Future of Cybersecurity

One concern professionals have voiced following this massive ‘supply chain’ style cyber attack is that its success, from the perspective of the hackers, will inspire a rise in this malicious tactic. This raises the all-important question: “What can be done to prevent it?” Cybersecurity professionals across the globe have weighed in, and while most concede there is no ‘silver bullet’, taking a layered approach to cybersecurity is a strategy that industry experts all agree on when it comes to mitigating breach risks.

Encryption has long been the standard method of data security assurance, but even before news of the SolarWinds hack swept the industry, the prevalence of serious breaches had been indicating that encryption alone fails to provide an adequate standard of data security. Complexities with key management and performance degradation can lead organizations to fail to encrypt all sensitive data or to do so improperly. Even if deployed correctly, there is the possibility that encrypted data, with enough time and compute power, can be unscrambled by capable nefarious actors. This is especially concerning as we edge toward quantum computing.

Implementing New Security Failsafes

Layering encryption with newer technology, such as Microsharding, provides a critical failsafe that can drastically mitigate the fallout of a breach. Microsharding involves breaking data into fragments that can be as small as single-digit bytes, polluting the shards, and then dispersing them to multiple storage locations that can include public clouds in addition to on-premises locations. Microsharding virtually eliminates the sensitivity of data in a given storage location, drastically reducing the attack surface.

In contrast with encryption, in which a full set of accessed data could feasibly be unscrambled with enough time and compute power, reconstituting Microsharded data would require locating and accessing all shard storage locations everywhere, before even considering how to un-pollute and reassemble the shards to ascertain whether the data is valuable. ShardSecure’s Microshard™ technology changes the attacker’s challenge from a time and compute power problem to a time, compute power, and spatial problem. Encryption may slow an attacker down, but Microshard data protection persists over time. Faster computers, even quantum, won’t help an attacker against Microsharding, simply because they do not have the data localized to unscramble.
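A toy illustration of the split, pollute, and disperse idea described above, added here as an example; it is not ShardSecure's implementation or algorithm. The function names, store names, decoy scheme, and manifest format are assumptions made for illustration.

```python
import secrets

def microshard(data, n_stores=3, shard_size=4):
    """Split data into tiny fragments, mix in random decoys, scatter over stores.

    Returns (stores, manifest). The manifest lists, in order, where each real
    fragment lives; in this toy design it must be kept apart from every store.
    """
    stores = {f"store-{i}": [] for i in range(n_stores)}  # hypothetical locations
    manifest = []
    for off in range(0, len(data), shard_size):
        frag = data[off:off + shard_size]
        name = f"store-{secrets.randbelow(n_stores)}"     # disperse
        if secrets.randbelow(2):                          # pollute with a decoy
            stores[name].append(secrets.token_bytes(len(frag)))
        manifest.append((name, len(stores[name])))
        stores[name].append(frag)
    return stores, manifest

def reassemble(stores, manifest):
    """Rebuild the original bytes; raises KeyError if any needed store is absent."""
    return b"".join(stores[name][slot] for name, slot in manifest)

def real_bytes_per_store(manifest, stores):
    """How many genuine (non-decoy) bytes each location holds."""
    held = {name: 0 for name in stores}
    for name, slot in manifest:
        held[name] += len(stores[name][slot])
    return held

if __name__ == "__main__":
    secret = b"acct=0000-0000-0000-0000;pin=0000"  # constructed sample data
    stores, manifest = microshard(secret)
    print(real_bytes_per_store(manifest, stores))
    assert reassemble(stores, manifest) == secret
    partial = {k: v for k, v in stores.items() if k != manifest[0][0]}
    try:
        reassemble(partial, manifest)
    except KeyError as missing:
        print("cannot reassemble without", missing)
```

In this sketch the manifest becomes the sensitive artifact, so its storage and access control matter as much as key management does for encryption.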

As Andy Smith, cybersecurity evangelist and leading authority on Identity and Access Management (IAM) with Centrify, explained to Forbes in the breach aftermath, layering on the difficulty for would-be attackers is an excellent place to start. He advised, “For every organization looking at this hack and considering how future attacks of this sophistication will impact them, it’s a good idea to use this event as a way to get your board and executives thinking about a more resilient, hardened multilayer approach and not relying on a single solution to protect you. I see organizations using this opportunity to evaluate how a layered approach will work for their projects when it might not have been feasible to fund in the past.”

The SolarWinds hack is yet another example of how the cybersecurity space, at least those on the defensive end, may not have evolved quickly enough against the threats they face. If there is a positive outcome for the organizations impacted by this event, though, it is the spotlight it has put on how much more needs to be done to make things difficult for attackers in the event of a breach. Finding ways to reduce and even eliminate the sensitivity of data available to those who access it maliciously is the most essential area of focus for those who seek to ensure true data privacy for themselves and their customers.