Does This Mean Bad Actors Are Now Riding in 10,000 SolarWinds Powered Digital Sailboats?

January 12, 2021

I read “Hackers Breaking into Networks without SolarWinds, CISA Says.” The write up states that the Cybersecurity and Infrastructure Security Agency offered:

“Specifically, we are investigating incidents in which activity indicating abuse of Security Assertion Markup Language (SAML) tokens consistent with this adversary’s behavior is present, yet where impacted SolarWinds instances have not been identified,” according to updated guidance published Jan 6. “CISA is continuing to work to confirm initial access vectors and identify any changes to the tactics, techniques, and procedures (TTPs).”

Based upon my limited understanding, is this similar to 10,000 sailboats zipping around a big lake? A couple of coast guard patrols may have difficulty monitoring the carefree scofflaws. To make matters more challenging, the sailboats are used by other people who are trespassing on government land and private property in order to join the digital rave.

To sum up, the SolarWinds’ misstep may have been the one lane road which the visitors are using to explore the great big data lake. And the party has been going on for how long? Oh, right. No one knows for sure.

Stephen E Arnold, January 14, 2021

Written by Stephen E. Arnold · Filed Under cybersecurity, News

Comments

Comments are closed.

Search the site
Subscribe to Beyond Search
Feature archive
News archive

Stephen E. Arnold monitors search, content processing, text mining and related topics from his high-tech nerve center in rural Kentucky. He tries to winnow the goose feathers from the giblets. He works with colleagues worldwide to make this Web log useful to those who want to go "beyond search". Contact him at sa [at] arnoldit.com. His Web site with additional information about search is arnoldit.com.