How to prepare for and respond to a SolarWinds-type attack

January 6, 2021

If you use the recently compromised SolarWinds Orion monitoring products, you are already reviewing your infrastructure and possibly blocking network access to the servers in your domain. For those of you who do not use the SolarWinds software, this is an opportunity to review your own processes and determine whether you would have detected the compromised code and backdoors.

The instructions for mitigating the SolarWinds compromise, provided by the US Cybersecurity and Infrastructure Security Agency (CISA), are a good example of the process required to identify and remove sophisticated advanced persistent threats (APTs), even those executed by nation-states.

Read More on CSO Online