Haroon Meer is the founding father of Thinkst, the corporate behind the well regarded. The recent SolarWinds mega-hack has managed to grab mainstream media headlines round the world but the more I read, the more i feel the press coverage has buried the lede.
The incident gets called a “supply chain” attack which hints at war-time tactics and, I’m willing to bet, will launch a dozen VC-backed startups. People are (rightfully) worried about the consequence since the SolarWinds attackers had access to many other development-houses and will have also poisoned those wells.
The state of enterprise security: While we’ve made progress in some areas of data security (e.g. the degree of data and skill required to take advantage of memory corruption bugs in modern operating systems) , enterprise security remains stuck pretty firmly within the early 2000s. An enterprise network consists of an untold number of disparate products, duct-taped together through poorly documented interfaces where often the quality for product integration is “this config works, don’t touch it!”. Any moderately skilled attacker will decimate an indoor corporate network long before they’re discovered, and therefore the average time it takes to realize Domain Admin is measured in hours and days rather than weeks or months. Most organizations, sadly, do not know this. They know the money spend on security is doing it right in the required senses. Most haven’t any clue they’re sitting ducks for average attackers of moderate skill, much less nation state-backed adversaries with unlimited resources.