In early May we began a discussion with our OODA Network members that started with an observation. About six months prior we had been through the Solar Winds attack, which from our perspective was clearly one of the most damaging attacks/espionage operations in history. Soon after that, the attack series named Hafnium by Microsoft was revealed. Hafnium had started as espionage but then turned into a Gold Rush of criminal activity, one of the worst attacks in history. Then the Codecov attack hit. This is a widely used tool for software developers that is used for managing continuous integration and continuous deployment of code. Turns out some nation state level actor modified this tool so that all code that was used by it was also copied off and sent to the bad actor. It was brilliant and absolutely one of the worst in history.
The discussion we had in early May was, since we are now getting something we could call the worst attack in history every 2 months, what can we expect next? Could the rate accelerate even more?
Since then there was the Colonial Pipeline attack, of course. Not necessarily a sophisticated actor but a new business model and good code, causing one of the…
