Part of Intelligent Utility® Network »

Digital Utility Group

The mission of this group is to bring together utility professionals in the power industry who are in the thick of the digital utility transformation. 

Shared Link

SolarWinds hackers kept busy in the year since the seminal hack, Mandiant finds - CyberScoop

Richard Brooks's picture
Richard Brooks 106311
Co-Founder and Lead Software Engineer Reliable Energy Analytics LLC

Inventor of patent 11,374,961: METHODS FOR VERIFICATION OF SOFTWARE OBJECT AUTHENTICITY AND INTEGRITY and the Software Assurance Guardian™ (SAG ™) Point Man™ (SAG-PM™) software and SAGScore™...

  • Member since 2018
  • 1,462 items added with 612,739 views
  • Dec 6, 2021
  • 231 views

No surprises here. I would anticipate an uptick in activities now that tensions are running higher with the Ukraine situation. The research points to “multiple instances” where CSPs [Cloud Service Providers] were compromised, giving the attackers privileged access and credentials that then allowed the compromise of the downstream customers. In one case evidence was found suggesting the attackers used a session token stolen by a third party to target an unidentified Microsoft 365 environment.

SolarWinds hackers kept busy in the year since the seminal hack, Mandiant finds - CyberScoop

Hackers associated with the SolarWinds supply chain compromise have been busy in the year since that attack was revealed, compromising multiple cloud solution companies with the goal of stealing data relevant to Russian interests and finding routes to add

Read More
Source: www.cyberscoop.com
Richard Brooks's picture
Thank Richard for the Post!
Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.
More posts from this member
Discussions
Spell checking: Press the CTRL or COMMAND key then click on the underlined misspelled word.
Bob Meinetz's picture
Bob Meinetz on Dec 6, 2021

After a cloud-based web presence I had developed for a company inexplicably and irretrievably disappeared one day, I've avoided cloud service providers - hard lesson, learned:

"We're going to take all of your company's intellectual property, your personal employees' data, and your clients' personal and financial data, and put it on a server somewhere. We don't know exactly where, and we're not even positive the company who's doing it for us knows, either. But you should have full confidence that someone, somewhere, will diligently guard access to it, with only your best interests in mind."

What could possibly go wrong?

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »

Your access to Member Features is limited.

Apply for membership
Related Content
What’s the best SBOM? No SBOM. What’s the best VEX? No VEX.
9 ½ years!
What are NERC CIP Supply Chain Standards? An Overview of New Compliance Regulations
Beware the Cost of Data Breaches