SolarWinds: In the News

June 2, 2021

Here’s the good news in “SolarWinds Hackers Are Back with a New Mass Campaign, Microsoft Says.”  Microsoft and other firms are taking actions to cope with the SolarWinds’ misstep. That’s the gaffe which compromised who knows how many servers, caught the news cycle, and left the real time cyber security threat detection systems enjoying a McDo burger with crow.

I circled this positive statement:

Microsoft security researchers assess that the Nobelium’s spear-phishing operations are recurring and have increased in frequency and scope,” the MSTC post concluded. “It is anticipated that additional activity may be carried out by the group using an evolving set of tactics.

The good news is the word “evolving.” That means that whatever the cyber security wizards are doing is having some impact.

However, the bulk of the write up makes clear that the bad actors (Russian again) are recycling known methods and exploiting certain “characteristics” of what sure seem to be Microsoft-related engineering.

There are some clues about who at Microsoft are tracking this stubbed toe; for example, a vice president of cust0omer security and trust. (I like that word “trust.”)

Several observations:

  1. Phishing
  2. Surfing on Microsoft-like methods; for example, hidden DLLs, which are usually really fun
  3. A reactive approach.

What’s my take away from the explanation of the security stubbed toe: No solution. Bad actors are on the offensive and vendors and users have to sit back and wait for the next really-no-big-deal breach. Minimization of an “issue” and explaining how someone else spilled the milk will be news again. I think the perpetual motion machine has been discovered in terms of security.

Stephen E Arnold, June 2, 2021

Comments

One Response to “SolarWinds: In the News”

  1. Chronic Cyber Insecurity : Stephen E. Arnold @ Beyond Search on June 11th, 2021 5:05 am

    […] Disease.’” The exchange is not reassuring. Host Michel Martin begins with the recent news of another breach, announced by Microsoft late last month. Once again the perpetrators appear to be Russian […]

  • Archives

  • Recent Posts

  • Meta