This latest revelation further escalates the critical need for chief compliance officers to collaborate with their business counterparts to identify and mitigate potentially unknown threats lurking in the third-party cloud supply chain.
“‘If SolarWinds is something our vendor uses, does this vulnerability become ours?’ I would say absolutely.”
Sam Abadir, Director of Industry Solutions, NAVEX Global
The Cybersecurity and Infrastructure Security Agency (CISA) said it has uncovered evidence of “initial access vectors other than the SolarWinds Orion platform and has identified legitimate account abuse as one of these vectors.” In an alert, CISA said it’s investigating incidents that exhibit adversary tactics, techniques, and procedures (TTPs), “including some where victims either do not leverage SolarWinds Orion, or where SolarWinds Orion was present but where there was no SolarWinds exploitation activity observed.”
Hackers obtained initial access in some cases by guessing passwords and exploiting administrative credentials, including by gaining privileged access to Microsoft cloud software. “It is likely that the adversary has additional initial access…
