What Threats Does Cyber Security Software Thwart?
February 19, 2021
I asked myself this question, “What threats does cyber security software thwart?” The SolarWinds’ misstep went undetected for months, maybe a year or more. I read “France Agency ANSSI Links Russia’s Sandworm APT to Attacks on Hosting Providers.” Reuters ran a short news item as well. You can read the report via this link. I don’t want to wade through the cyber security jargon in this post. Instead I want to highlight one fact: The “intrusions” dated back to 2017. Okay, this is another time block in which cyber security systems operated and failed to detect the malicious behavior.
The vector of attack was software used by Centreon. What’s Centreon do?
What’s ANSSI?
The French National Agency for the Security of Information Systems or Agence nationale de la sécurité des systèmes d’information.
What’s Centreon? LinkedIn says:
Centreon is a global provider of business-aware IT monitoring for always-on operations and performance excellence. The company’s holistic, AIOps-ready platform is designed for today’s complex, distributed hybrid cloud infrastructures. Privately held, Centreon was founded in 2005 as an open source software framework. Today, Centreon is trusted by organizations of all sizes across a wide range of public and private sectors. Centreon is headquartered in Paris and Toronto, with sales offices in Geneva, Luxembourg and Toulouse.
What’s Hub One?
It is a subsidiary of Aéroports de Paris. Hub One provides high speed radio networks and services to outfits like Air France and the French government.
What’s an APT?
An advanced persistent threat. The idea is that malware is inside a system or software and is able to remain undetected while it follows instructions from a bad actor.
Now back to the 2017 date.
The point is that current cyber security systems may not be able to provide the defenses which marketers tout.
We’re talking years which strikes me as very SolarWinds-like. Then there is the persistent question: What’s up with the commercial cyber security systems?
Stephen E Arnold, February 19, 2021