This is probably not a surprise to anyone who is past elementary school – and probably not to many who are still in elementary school, but the group that was behind last year’s SolarWinds attack is still at it.
Just like with SolarWinds, they are going after the global supply chain.
140 managed service providers and cloud service providers were attacked since May and at least 14 were breached. according to Microsoft.
Russia is doing that because, like with SolarWinds, compromising one of these companies may allow Russian hackers entry into hundreds or thousands (or more) of their customers.
Unfortunately, the attackers are using a variety of tactics, so there is not a one size fits all solution.
So, what to do?
First, if you are a service provider, make sure you are doing everything you can to protect yourself. And your customers.
Second, if you use service providers – and who does not – make sure you understand where the provider’s responsibility for security ends and yours begins and also make sure that are reviewing the provider’s cyber risk protection practices as part of your vendor cyber risk program.
Remember, you can outsource the task, but if you are breached, your customer will blame you, no matter what. Credit: Bleeping Computer