The SolarWinds hack and its proptech implications – The Property Chronicle
Select your region of interest:

Real estate, alternative real assets and other diversions

The SolarWinds hack and its proptech implications

Technology

On 16 December 2020 the following joint statement was issued by the FBI, the Cybersecurity & Infrastructure Security Agency and the Office of the Director of National Intelligence: “Over the course of the past several days, the FBI, CISA, and ODNI have become aware of a significant and ongoing cybersecurity campaign.”

What’s been widely labelled as the SolarWinds attack was presumably the longest-lasting, most sophisticated and impactful penetration of the global IT infrastructure.

Others called it a digital 9/11.

What the heck happened and why should we care?

In a 14 December 2020 SEC filing, SolarWinds Corp described the features of the hack, a so-called supply-chain attack. A presumably state-sponsored cyber foe managed to compromise the software build system of its Orion platform. This system is an automated tool to create software (and updates) by compiling (translating) source code into machine-digestible binary code, packaging binary code and running tests (debugging).

Source: breachlock.com (a cybersecurity penetration testing company)

During the course of the attack intruders added malicious code, a so-called backdoor, into one of Orion’s platform updates released to and installed by SolarWinds Orion customers around the world between March and June 2020. This backdoor enabled third parties to siphon off data and/or insert malware into the customer’s software applications. The features of the hack (small footprint, in-country IP disguise, digital signatures etc.) indicate highly sophisticated actors.

What is the SolarWinds Orion platform being used for?

SolarWinds marketing folks describe it in a nutshell as follows: “One vendor. One platform. One single pane of glass.” (One is inclined to add: One single point of entry!)

Looking closer, the platform acts as a one-stop-shop to monitor and manage an organisation’s entire IT environment comprised of its physical, virtualised and cloud IT components.

For organisations using the Orion platform this is like losing not just a single key, but an entire key chain, resulting in universal access not only to your house, but also the safe and every locked drawer






Technology

About Martin Schwarzburg

Martin Schwarzburg

Martin Schwarzburg is arranging finance for emerging market infrastructure, energy and real estate projects as an emerging market banker with Brigg Macadam. He previously served as Global COO Real Estate for the Abu Dhabi Investment Authority (ADIA) .

Articles by Martin Schwarzburg

Subscribe to our magazine now!

SUBSCRIBE