Three stories defining cyber in the first half of 2021
The first half of 2021 began where 2020 was interrupted. This is not good news for those whose mission is to keep their organization’s systems and data secure.
Let’s take a look at three of the main themes so far. SolarWinds supply chain attacks, widespread exploitation of Exchange Server vulnerabilities, and a continuous tragedy of ransomware.
SolarWinds
Last December, security firm FireEye reported an attack believed to be by a country-sponsored threat group that stole some of the hacking tools the company used to test customer defenses.
Following FireEye’s approval, a US government statement was issued detailing state-sponsored attacks on the US Treasury, Commerce, and possibly other sectors. The list became anxiously long over the years and even included the US nuclear weapons agency.
Attackers were found to have unlimited access to their internal email systems, allowing them to monitor email from these agencies for months, and in some cases up to a year.
Soon, the entry point was identified as a malicious…
