Missing the Big Picture from the SolarWinds Hack

The cybersecurity industry is consumed with the scale and effectiveness of one of the biggest hacks in recent memory. The emerging narrative and stories are missing important pieces of the puzzle. The attackers, likely a nation-state, gained unprecedented access to the U.S. government, military, critical infrastructure, and most major businesses.

The full scope and reasons are not clear, but it is imperative that we figure them out. The mystery must be solved, for the benefit of everyone, so we can prepare for what is next.

Due to the sophistication of this attack, it is believed that a major Nation-State is behind it. No surprise there.

The Treasury and Commerce departments reported surveillance of internal emails. FireEye determined that their RedHat hacking tools were stolen.

But here is the problem. We are missing a very important piece to this puzzle.

This could be one of the best hacks of the decade: unprecedented access by a nation-state into the government, intelligence apparatus, military, business, critical infrastructure, and the industrial base, enabling a capability to persist and to undermine the confidentiality, integrity, and availability of systems critical to the government, defense, and economy.

…and the attackers use it to sniff email and steal some open-source tools? What?!?! That does not make any sense.

I tell you now, we are missing a bigger play by the attackers. There is something that we have not pieced together yet.

If you have such a miraculous capability, you don’t squander it away for petty gains.

Now, the likely candidates for this attack are either the Russians or the Chinese, neither of whom has admitted any involvement. But the reality is that whichever nation conducted this brilliant hack, they are smart, capable, patient, and think strategically. They have a long-term plan.

I doubt it only includes reading emails and playing with some tools they already possess.

I believe there is something more dubious and grandiose going on. A master plan that required gathering of specific intelligence. This is just one piece of a greater effort that WE DON’T YET UNDERSTAND!

So, we must dig deeper. Put on Columbo’s trench coat and think bigger to connect all the pieces, to understand the motivations and true scope of what this attack means in the larger context. Until we do, we remain at grave risk.

Keep digging. We must determine the true intentions and objectives of whoever has orchestrated this masterful attack against the United States.

Written by

Cybersecurity Strategist and CISO specializing in the evolution of threats, opportunities, and risks in pursuit of optimal security
