Solarwinds is a reminder that collaboration is key to Cybersecurity
As the year almost came to an end, hackers demonstrated their skills in one of the potentially largest attacks in years. Hackers managed to infiltrate the SolarWinds software update system and “trojanize” updates sent to customers. The backdoor installed on infected networks waited at least two weeks before contacting command and control systems, which helped the intruders evade detection. The most high-profile victim so far is the US government.
In the early days of discovering this attack, we already saw some respectable moves by FireEye with a great level of transparency - informing others on what was going on. Another important actor in this matter was Microsoft. In alignment with CISA they took a series of important steps against the recent SolarWinds supply chain attack. The speed, scope and scale of Microsoft’s response were unprecedented.
One thing is for sure, it will take a while to get a picture of what information the attackers harvested and what they left inside occupied systems. However, this is yet another demonstration of why "Cybersecurity is more important than ever" - and why collaboration is key.
In fact, in the coming months, our digital infrastructure will become even more indispensable, not the least because high hopes for fighting Covid-19 rest on digital technology - be it for contact tracing, testing or the deployment of vaccines.
Perpetrators make use of our increased reliance on digital technology. For instance, they use targeted email fraud abusing Covid-19 fears. They use information on cures, clinical trials and ongoing research to sell bogus products to the highest bidder, which often are health organizations, public institutions or even national governments frantically trying to battle the pandemic. Cybercriminals also exploit vulnerabilities in infrastructure that can afford being attacked the least. They pose a real threat to the lives of patients when they target hospitals, medical centers or research hubs. A ransomware attack can tie up critical resources and lead to loss of human lives. Some of the most despicable attacks included cyberattacks on the World Health Organization and hospitals in Spain, the Czech Republic and other countries.
If we are to build resilient cybersecurity infrastructure, cooperation is key. Cooperation is required in two dimensions: both vertically (along the supply chain) and horizontally (across the industry). This requires to take a holistic view of the infrastructure. It means including small and medium sized organizations and their often limited resources in any of the aforementioned measures. It is a matter of responsibility for larger organizations to help them in their cybersecurity efforts. And - as demonstrated by SolarWinds - attacks coming through the supply chain can be powerful, because they reach a vast amount of targets at once. Solarwinds themselves reported around 18000 customers as potentially being compromised. Therefore, we need to foster a culture of transparency – resulting in an open flow of information, best practices and threat intelligence sharing.
We also need to take a global view of the current situation. During this pandemic, we have to focus on international cooperation and dialogue. National mitigation measures should not be taken at the expense of others nor should we try to outdo each other in the search for medical responses – we need to work together. In the same way, securing our digital infrastructures requires a cooperative, not competitive, mindset among governments and businesses at all levels, and all along international supply chains.
Effective cybersecurity measures focus on targeted investment in approaches, open technologies and standards that incorporate the technology, business and policy perspective. Only by combining these different perspectives, and doing so across borders, will we achieve trust in digital infrastructure and enable its resilience. This is exactly what Cybersecurity initiatives like the Global Cybersecurity Alliance, WEF Center for Cybersecurity, TechAccord or the Charter of Trust are working on, now more than ever.
Let the SolarWinds case be yet another reminder, that we need to actively manage the current cybersecurity risk environment and continue to invest in our collective cyber resilience. Both online and offline, the stakes are high: it concerns our health, our social and economic stability.