Key Lesson Learned from The SolarWinds Breach

Last week saw the news emerge of one of the most sophisticated and wide-reaching cyber security breaches we have seen.

The breach involved hackers penetrating software provider SolarWinds and placing a form of malware within an update of its Orion software. As a result, the malware found its way into the IT environments of an estimated 18,000 public and commercial organisations across the globe, including some significant US Government departments.

Although we are familiar with the threats of malware and cyber security breaches, the scale and level of sophistication behind this attack re-emphasise an important lesson: whatever steps we take to prevent the penetration of our corporate networks, there remains a very real risk that an attack can get through.

Lesson Learned: Detection is as Important as Prevention

While it is important that every organisation takes the appropriate steps to protect its IT environment and end-users from cyber threats, it is equally important, as demonstrated by last week’s news, that you have the tools and capability in place to detect a breach if it penetrates your perimeter.

The ability to quickly spot abnormal activity within your network and applications is key to identifying malicious activity and providing the level of intelligence required to isolate an attack, minimise its impact and enable remediation.

As the perimeter of your corporate environment continues to extend to include public cloud environments and remote end-user devices, securing this perimeter becomes a greater challenge. Add to this the reality that cyber-attacks are becoming ever more sophisticated, frequent and persistent, and you need a way to monitor constantly for potential breaches.

A key solution that we offer at ONI is Cisco Umbrella. It provides a comprehensive range of capabilities that monitor your end-to-end environment and constantly learn what is normal and abnormal based on intelligence from the world’s internet traffic. It can see every packet, end-point and application and quickly detects activity within your environment that could be associated with a security breach.

How Can ONI Help?

Whether you are concerned about the SolarWinds breach, or similar breaches that just have not yet been discovered, we can help you to quickly put in place monitoring to help detect potential threats inside your environment.

We are offering organisations a free Proof-of-Concept of Cisco Umbrella, which we provide within a fully managed secure container in our data centre that is able to monitor and analyse your environment. This will enable you to identify any potential malware within your environment and provide you with detailed information about the nodes, applications or end-user devices that have been infected.

The team at ONI are here to help. Through the Umbrella PoC, we can quickly identify any potential breaches inside your network perimeter, including indicators of compromise associated with the SolarWinds breach, help you identify affected areas of your infrastructure and assist you with the necessary steps to remediate.

If you would like to find out more, contact the ONI team on 01582 420000 or email us at getintouch@oni.co.uk

 

Written by Sid Walters, Head of Presales at ONI.