Mimecast bins SolarWinds and compromised servers alike in wake of supply chain hack

Email security biz Mimecast has dumped SolarWinds' network monitoring tool in favour of Cisco's Netflow product after falling victim to the infamous December supply chain attack. In an incident report detailing its experiences of the SolarWinds compromise, Mimecast said it had "decommissioned SolarWinds Orion and replaced it …

  1. needmorehare
    FAIL

    Mimecast misses the point

    Cisco has a terrible reputation when it comes to security as well, previously shipping products with nerfed (40-bit) encryption to international customers at the request of the US government. Also, let's be honest here, everyone offering a service which is Internet based (and open to all) will be compromised at some point.

    It has happened to big names too, including Microsoft, Facebook, Twitter and Red Hat. Not to mention backdoors inserted as part of PRISM. At least the SolarWinds attack has made big news, so now they will be bolting everything down tightly...

    1. Outski Bronze badge

      Re: Mimecast misses the point

      previously shipping products with nerfed (40-bit) encryption to international customers at the request of the US government.

      You realise that was US law at the time, yes? Did you expect that they would, consciously and overtly, break export laws of the country in which they were and continue to be domiciled?

    2. Anonymous Coward

      Re: Mimecast misses the point

      Ah yes, but Cisco likely ships with authorised backdoors.

      Can't have every government spying on people, it would level the presently firmly tilted playing field!

      Isn't it weird how code-reviewed Huawei kit is starting to look more and more attractive every day? I guess that's why we're not allowed to use it..

      /s

  2. john.jones.name
    FAIL

    no DNSSEC and no enforcement of its own cipher preference

    Their DNS servers still do not have DNSSEC (pretty basic) even though it can be abused, and their website enforcement of its own cipher preference is not present.

    not exactly a good look.

    Fix the DNSSEC ASAP for your customers' sake

  3. sgp Bronze badge

    Out of the frying pan

    Into the fire.

  4. Gaius

    Cisco's ESA product is in direct competition with Mimecast, so this is a curious choice. Having said that, Cisco Stealthwatch is a decent product, if that's what they mean by Netflow.

  5. Mark 32

    How does this actually increase security?

    Any and every piece of software and hardware in an enterprise is open to attack and compromise. Stating they are dropping one solution for another makes little difference unless that vendor can provide guarantees and/or promise to cover any costs of compromise through their solution, which no vendor can.

    SolarWinds HAS to increase their security, as does every other solution vendor out there. Any system that, to allow it to perform its function, has to have the 'keys to the kingdom' is a strong target, as this compromise has proven the reach and power this would give a malicious actor.

    Counting down the days to the next breach at Mimecast...

  6. Anonymous Coward

    Not a good look for Mimecast being a security company

    Mimecast really pooped in the bed on this one...

    On 12/13/2020 FireEye and others publicly published indicators of compromise for the SolarWinds exploit. This was apparently ignored because Mimecast didn't realize a breach of their systems had occurred until 1/12/2021 when Microsoft tapped them on the shoulder. And then it took two weeks of investigation before realizing the production grid had been penetrated. Ouch...


Biting the hand that feeds IT © 1998–2021