This content is part of the Essential Guide: SolarWinds breach news center

Essential Guide

Browse Sections

News

Risk & Repeat: SolarWinds backdoor shakes infosec industry

By

Rob Wright, Senior News Director

Listen to this podcast

This week's Risk & Repeat podcast discusses the latest developments around the devastating SolarWinds backdoor attacks, which impacted several U.S. government agencies.

Podcast

This week's Risk & Repeat podcast discusses the latest developments in the massive SolarWinds backdoor attacks, which have resulted in the breaches of several U.S. government agencies, as well as cybersecurity vendor FireEye.

The breaches, which have been attributed to suspected nation-state hackers, were the result of a supply chain attack on SolarWinds. Threat actors implanted a backdoor, dubbed Sunburst, in legitimate, digitally signed software updates for SolarWinds' Orion IT management platform. While Microsoft, FireEye and other companies have taken several steps to mitigate the threat and protect organizations, the extent of the Sunburst threat campaign is unclear. The Cybersecurity and Infrastructure Security Agency issued an alert Thursday that said the Orion platform is not the only initial infection vector the threat actors are using, and the ongoing attacks represent a "grave risk" to both public and private sector organizations.

SearchSecurity editors Rob Wright and Alex Culafi discuss the fallout from the attacks, the response effort from the government and private sector, and the silver linings for the infosec community.

Search Networking

5 principles of change management in networking
Network change management includes five principles, including risk analysis and peer review. These best practices can help ...
A guide to Li-Fi technology
Li-Fi is an emerging wireless technology that uses visible light to transmit data instead of radio frequencies. Though still ...
AI skills for network professionals
Networking professionals must develop basic networking skills and AI to thrive in a complex landscape. Learn how AI's integration...

Search CIO

Best project portfolio management software and tools in 2025
Project portfolio management software and tools in 2025 promote strategic management of projects and agile tactics. Read our PPM ...
Google breakup likely off the table under Trump
Donald Trump might not want to break up Google, but history suggests he won't slow antitrust enforcement efforts against bad ...
Trump's Department of Government Efficiency will face issues
Big political and bureaucratic obstacles await Elon Musk and Vivek Ramaswamy, who will lead the department with the goal of ...

Search Enterprise Desktop

How to create a custom Windows 11 ISO file
With a custom Windows 11 ISO file, IT departments can streamline deployment and apply new version of Windows to repair OS ...
How to make the most of Windows Autopatch with Intune
IT administrators can use Intune to manage numerous settings related to Windows OSes and business apps. The Windows Autopatch ...
How to perform a Windows 11 ISO file install
The days of IT departments manually provisioning Windows OSes and company settings onto each PC are long gone, but IT staff still...

Cloud Computing

Microsoft Launches Azure Local for Hybrid Cloud, edge uses
Along with Azure Local, Microsoft launched a migration tool for enterprises that want to ditch their VMware by Broadcom VMs.
How to migrate legacy applications to the cloud
Enticing as cloud benefits are, it takes a lot of research and planning to know all the risks and challenges before committing to...
How to build a business case for cloud migration
Successful cloud migrations start with a solid business plan that details the costs, benefits, risks and challenges to key ...

ComputerWeekly.com

Digital Catapult hails shared infrastructure as route to decarbonisation for logistics sector
Digital Catapult has opened up about the success it has seen with using shared digital infrastructure to help the ...
Microsoft Ignite: A $4m zero-day reward plus $349 thin client
A $4m cyber hackathon prize was revealed at Ignite as part of Microsoft’s latest IT security efforts, as well as a new ...
Post Office project taking control of Horizon data from Fujitsu as part of messy split
The Post Office will no longer rely on Fujitsu for Horizon data past and present once cloud migration project is complete, in a ...

Close