(ISC)² Community

Are the recent ransomware headlines combined with the focus the U.S. administration has been putting on cybersecurity, especially this latest advisory, making it easier to have conversations with leadership or making leadership more responsive?   https://thehill.com/policy/cybersecurity/556625-white-house-sends-out-recommendations-to-private-sector-on-protections?rl=1   https://www.reuters.com/article/us-cyber-usa-ransomware-exclusive/exclusive-u-s-to-give-ransomware-hacks-similar-priority-as-terrorism-official-says-idUSKCN2DF26G   Just curious. What are your thoughts?

Hi All   An interesting attack against the USA, critical infrastructure, which had an immediate impact:   https://www.linkedin.com/news/story/cyberattack-forces-pipeline-closure-5058660/   "A cyber attack forced the shutdown of a key U.S. pipeline that carries almost half of the East Coast's fuel supply. Its operator, Colonial Pipeline, says 5,500 miles of pipeline has been closed while containing the breach. An anonymous source tells The Wall Street Journal ransomware appears to be involved. Analysts don’t expect fuel markets to be affected unless the shutdown lasts beyond a few days. The breach is happening after two major attacks on U.S. computer networks, and it shows "core elements of our national infrastructure continue to be vulnerable," per a former National Security Agency official."   Ransomware apparently was involved again.   So did a backup failure, or was it a human error?   Regards   Caute_cautim

Here are some important links for information and background on the hack of Solarwinds.   SunBurst: the next level of stealth SolarWinds compromise exploited through sophistication and patience https://blog.reversinglabs.com/blog/sunburst-the-next-level-of-stealth   Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers - Microsoft Security https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromis[…]icated-cyberattack-and-how-microsoft-defender-helps-protect/ SolarWinds releases updated advisory for new SUPERNOVA malware https://www.bleepingcomputer.com/news/security/solarwinds-releases-updated-advisory-for-new-supernova-malware/   cyber.dhs.gov - Emergency Directive 21-01 Updated guidance from CISA https://cyber.dhs.gov/ed/21-01/#supplemental-guidance   SUNSPOT Malware: A Technical Analysis | CrowdStrike This is a great analysis of how the code was injected into the Software pipeline. https://www.crowdstrike.com/blog/sunspot-malware-technical-analysis/ Hacking victim SolarWinds hires ex-Homeland Security official Krebs as consultant Stamos helped Zoom...now teamed up with Chris Krebs their first client is SolarWinds. https://www.reuters.com/article/technologyNews/idUSKBN29D0CL   Paul  

The (ISC)² Community has been updated during the last few months. Take a look at this quick (2 minute) video to learn more about new features and where to find discussions in the Community. You can find it on the Community homepage or click here to view.        https://www.youtube.com/watch?v=QsWi_uVSgOs&feature=youtu.be