TAG Cyber Corps Cloud Security Briefing February 2021

Authors: Iassen Christov & Nicholas Wainwright

The Austin-based software company known as SolarWinds is continuing to feel the fallout of the major breach they experienced in December of last year. This attack has affected hundreds of thousands of people and corporations all over the country. As it stands today this attack is relevant and will continue to be discussed for an extensive amount of time. Cybersecurity experts currently working on the breach have claimed that it could take months to identify the compromised systems and oust the hackers and the areas they breached. It is speculated that over 1,000 engineers have worked on this attack.

So far, there have been no consequences for the people involved in this. Without any repercussions, why would these attackers cease what they are doing? These countries are striking fear in American society as well as stealing as confidential information from public and private entities.

Microsoft has been compromised within their services relative to the SolarWinds breach. Along with Microsoft, the U.S. Treasury Department, Department of Justice, State Department, Energy Department, and the agency that protects and transports the U.S. nuclear arsenal, all were found to be compromised over the past few months. The information each entity is home to is now vulnerable with uncertain ways to combat this attack, and the information each entity possesses anything but ideal. Cybersecurity professionals across the country want government and private businesses to come together to fight back, there needs to be collaboration on the matter because it is affecting everyone.

Most government organization as well as private corporations rely on cloud services such as these for their day-to-day operations. What can these companies do in order to mitigate or avoid disasters such as these in the future? Prevention seems to be the obvious answer to this question. With the ever expanding switch to online work should there be more investments made in our cyber network security? Either way this has been a huge wake up call to all parties involved. The question now is, what’s next?

This newsletter is prepared as part of the TAG “Cyber Corps” program. This program employs college and university level students in an effort to give them accessible cyber security experience while providing affordable security information to small and micro businesses. This letter is a product created by senior level Cyber Corps students who pull research from the work their peers have done each month.