The Cyberattack on U.S.

A cyberattack on an unprecedented scale was detected by the US cybersecurity firm FireEye in December of 2020. This is quite astonishing, because the U.S. has premium-level security for its technology. So how could it be penetrated? What will it take to recover?

This hack is known to be a supply chain attack, in which hackers penetrate their target's security using a trusted third party's software. Such attacks take large-scale resources and time to pull off, indicating that this one was backed by a nation. The U.S. has an ongoing contentious relationship with Russia in cyberspace, with each having access to the other's power grid. So the U.S. suspects Russia of being behind this attack.

Most of the affected networks detected so far are traced to a Texas-based company, SolarWinds. Its flagship software, called Orion, is used by over 33,000 companies. Because the malware was installed into an update of the Orion software, all the clients using this software get affected. SolarWinds identified 18,000 networks that installed the update. The breach went undetected for months, giving hackers enough time to delete their initial entry points, create new ones and take full control of networks. Affected networks have still not been identified.

Ridding the affected systems of the malware is not as easy as deleting Orion. It would be incredibly tedious and costly to rebuild entire networks. The U.S. uses a multibillion-dollar detection system called Einstein that identifies malware and potential attacks. But it was not equipped to effectively identify new uses of already known code, which allowed new malicious code to penetrate the system. So Einstein will have to be updated to patch the blind spots the hackers exploited, and supplemented by scouring the code to root out malware that automated defenses miss. But this would be extremely time-consuming, tedious and costly.

applex.in
