That is a great name and it well describes what we are dealing with.
The SolarWinds attack worked because it took advantage of a supply chain that no one understands, not even the people within it.
Think back to Equifax. That happened because they did not understand that a piece of software, which was vulnerable, was running on one of their servers. At that point, the game was over.
Like Frankenstein, corporate networks are pieced together from lots of piece parts from different vendors, and those vendors have lots of suppliers. A typical company of a couple hundred employees is probably dependent on a thousand suppliers, most of whom that company does not deal with or even know about.
Security teams at medium-sized and bigger firms use 25-50 security tools from 10 different firms. Or more.
This creates blind spots. Hard to connect the data.
Add to that “hybrid clouds”. That means we take a server in this cloud, another server in another cloud. Some servers in the office. A couple in a data center. Mix in some software as a service.
How could that possibly leave any holes?
Do you use the Frankencloud?
Time to get a coherent strategy.
The head of the NSA said that the reason that the SolarWinds attack worked is that they could not connect the dots (more about that in another post). YOU need to be able to connect the dots, Frank.