Unlock the value of any cloud and accelerate the delivery of modern applications with VMware Cloud.
Accelerate modern app operations with network and security virtualization for WAN, data center and cloud.
Enable any employee to work anywhere, anytime with seamless employee experiences.
Secure your infrastructure across any app, any cloud and any device.
Explore tailored solutions for your application framework, cloud infrastructure and security architecture.
Build, run, manage, connect and protect all of your apps, anywhere with a digital foundation built on VMware.
Last December, the security industry was stunned by the magnitude and sophistication of the SolarWinds breach. Today, efforts are still underway to assess the impact of the more than seven-month-old cyberespionage campaign. In January, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigations (FBI), the Office of the Director National Intelligence (ODNI), and the National Security Agency (NSA) issued a joint statement announcing the plan to coordinate the investigation and remediation of the SolarWinds attack, which they cited as a significant cyber incident involving federal government networks. While the agencies work to understand the scope of the incident, the current investigative and mitigation efforts conclude.
1. Leverage a single sign-on (SSO) provider to allow for centralized and seamless authentication across the vastly distributed work environment.
2. Apply micro-segmentation. Limit an adversary’s ability to move laterally within the organization. Forcing intruders to cross trust boundaries provides an improved opportunity for detection and prevention.
3. Segment personal and professional networks. Amid COVID-19, the corporate perimeter has expanded in employee homes, ushering in a deluge of new focus toward on-home routers and networks, which is only made more challenging with the lack of visibility security professionals have into those networks (especially while they, too, work from home).
This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks.
Going forward, we anticipate that these threat actors will escalate their attacks against the west, following ongoing testing and validation of tactics across Ukraine.26 A new administration also changes the threat landscape as we consider support of the North Atlantic Treaty Organization (NATO). As the U.S. and its allies attempt to contain the threat posed by the regime, cyberattacks and the use of proxies may grow. This reality forces all organizations—private and public sectors— to take a forward-leaning approach to cybersecurity. Organizations should look to subscribe to Zero Trust architectures that extend across their infrastructure intrinsically to suppress these threat actors.
“As cybercriminals continue to evolve and develop increasingly sophisticated methods of attack, law enforcement is likewise sharpening our investigative approaches necessary to arrest and convict these criminals,” said David Smith, special agent in charge of the Criminal Division, U.S. Secret Service. “While criminal methods may change as technology advances, we must never forget that no matter how sophisticated criminals may become, they are human, and humans make mistakes. Law enforcement will always be there to exploit those mistakes.”
