Well, on the bright side, the SolarWinds Sunburst attack will spur the cybersecurity field to evolve all over again

Anonymous Coward
Inside or outside job?

From the ReversingLabs analytic reports I read, the attack was teased out over several months deep in the source code, slowly creating a camouflaged set of code in the right house style that was compiled directly into live builds. If the report's true, I'd be surprised if an outside hacking team was able to get in that deep, take that amount of time, and then know the existing code well enough to blend into the house style.

The ReversingLabs report makes it feel more like work done by someone familiar with the codebase as an employee or contractor - could be someone who left but still had a way of getting access, for instance, or a contractor planted by an outside agency who had enough time to learn the system before crafting the attack piece by piece.

Reasons for hacking SolarWinds need not be spying either. For instance, the ultimate target could have been financial systems. A SolarWinds-type hack would allow a team to place a trojan into an automated trading system that then buys a few more bitcoin or overprices a stock, which would be almost unnoticeable - demand goes up, prices follow and a connected seller slowly makes a fortune. As more information comes out, this could turn out to be a people or HR problem as much as a system or network problem.
