Observers should recognize Sunburst as part of a disturbing trend: an ongoing intelligence contest between the United States and its adversaries in which the United States is giving up leverage due to technical insecurity, deficient policy response, and a shortfall in strategy. Adding vague new secure development standards to an already overbuilt system of unmet controls and overlapping committees is not a recipe for success. Meanwhile, industry is struggling to architect its services to simultaneously and effectively defend against the latest threats, account for overlapping government requirements, and remain competitive-especially in the market for cloud services.
Ccleaner malware high level software#
The United States government continues to labor under a regulatory model for software security that does not match the ways in which software are built, bought, or deployed. Third, Sunburst was a failure of strategy much more than it was just an IT risk-management foul-up or the success of a clever adversary. Second, the United States could have done more to limit the harm of this event, especially by better prioritizing risk in federal technology systems, by making the targeted cloud services more easily defensible and capable by default, and by giving federal cybersecurity leaders better tools to adapt and govern their shared enterprise. The role of cloud computing as a target is what takes Sunburst from another in a string of supply-chain compromises to a significant intelligence-gathering coup. First, states have compromised sensitive software supply chains before. Studying the Sunburst campaign, three overarching lessons become clear. The campaign raises concerns about the existing threat model that major cloud service providers Amazon, Microsoft, and Google, utilize for their linchpin services, and the ease with which users can manage and defend these products. For cloud’s “shared responsibility” to work, cloud providers must build technology users can actually defend. The adversary inflicted the campaign’s most dramatic harm by silently moving through Microsoft’s identity software products, including those supporting Office 365 and Azure cloud services, and vacuuming up emails and files from dozens of organizations.
Sunburst was also a significant moment for cloud computing security.
.jpg "ccleaner malware high level")
1 Trey Herr, William Loomis, June Lee, and Stewart Scott, Breaking Trust: Shades of Crisis across an Insecure Software Supply Chain, Atlantic Council, July 27, 2020. The compromise of SolarWinds, part of the wider Sunburst campaign, has had enormous consequences, but, as supply-chain attacks go, it was not unprecedented, as demonstrated by seven other events from the last decade. The story of trust is an old one, but the Sunburst cyber-espionage campaign was a startling reminder of the United States’ collective cyber insecurity and the inadequacy of current US strategy to compete in a dynamic intelligence contest in cyberspace.
Both the public and private sectors must work together to ruthlessly prioritize risk, make linchpin systems in the cloud more defensible, and make federal cyber-risk management more self-adaptive. The US government and industry should embrace the idea of “persistent flow” to address this strategic shortfall emphasizing that effective cybersecurity is more about speed, balance, and concentrated action. Overlooking that question of strategy invites crises larger and more frequent than those the United States is battling today. The Sunburst crisis was a failure of strategy more than it was the product of an information-technology (IT) problem or a mythical adversary.
0 kommentar(er)
