The SolarWinds update chain breach incident, which was named Solorigate, is a growing concern for CISOs and other security professionals because the scope of the consequences is still unknown. A survey by the association (ISC) 2 carried out in February and published today shows that the vast majority of respondents (86%) would have classified the violation as “very” or “extremely serious” when they first became aware of it. However, about six weeks after the incident was reported, as more details emerged, the number of respondents who indicated the violation as “serious” increased from 51% to 55%. On a scale of 1 to 5, the perception of the severity of the violation also increased over time, from an initial average of 4.34 to 4.37.
This perception of increasing severity is atypical in most violations, said (ISC) 2. According to the research report, the headlines “tend to fuel speculation right after public disclosure, which is then tempered by remedying the threat. In other words, gravity increases in the short term and decreases as more information becomes available (…) The SolarWinds incident countered this trend in the eyes of cybersecurity professionals. As one interviewee observed, ‘If you had a classification of ‘catastrophic’, I would have chosen it”.
SolarWinds reported to the Securities and Exchange Commission (SEC) that up to 18,000 customers installed updates to their Orion software that had been compromised with malicious code. It is not known exactly how many of these were affected. “I still think that there are companies that were affected by the SolarWinds incident that still don’t know this,” said one survey respondent.
(ISC) 2 chose to research cybersecurity professionals about this specific cyber attack because of its scope. The goal, the institution said, was to assess the impact on cybersecurity professionals, how they are reacting and what lessons can be learned to prevent future breaches. One participant said: “The way the attack was used to potentially expose thousands of SolarWinds customers demonstrates an often overlooked threat vector.” According to another interviewee, “Attacks on our software update / patch supply chain are at the top of the list of things that keep us up at night. An attack on the software that controls our entire network and systems is even more frightening. ”
See the original post at: https://www.cisoadvisor.com.br/comunidade-de-seguranca-cada-vez-mais-inquieta-com-solorigate/?rand=59039
