SolarWinds: Reminder of a Fundamental Problem

AI in Payments & Fraud Risk Management Summit Europe 2021
Alastair Speare-Cole as Keynote Speaker

The recent SolarWinds attack has shaken the U.S. federal government, intelligence community, and the private sector to their foundations. Attacks on software supply chains, like the SolarWinds incident, strike at the heart of modern day businesses. But SolarWinds was just the latest in a string of prominent supply chain attacks that also include the devastating NotPetya malware outbreak and the 2017 compromise of CCleaner, a widely used security tool made by the firm Avast.

What is the proper response to the SolarWinds incident and others like it? Alastair Speare-Cole, President and General Manager of the Insurance Division of QOMPLX, was invited to speak on this topic at the AI in Payments & Fraud Risk Management Summit in Europe 2021, where he shared his perspective on SolarWinds and the long-term cyber risk landscape.

“The fundamental problem is embedded deep in our systems,” Speare-Cole told attendees.  “All our systems work on the assumption that electronic identities and systems privileges are valid. Once stolen by an intruder, these electronic identities are, as far as the systems are concerned, as valid as those belonging to genuine users, and allow them to work their way deeper into systems and disappear posing as legitimate users or even creating new accounts and giving themselves administration rights.”  

“Unfortunately, the vast majority of companies today store these identities on aging and insecure technology, such as Microsoft’s Active Directory, a 20+ year old platform designed for a different era of computing, along with the Kerberos authentication protocol which was created at MIT back in the 1980s. The limitations of Active Directory and Kerberos are well demonstrated and documented. Switching out such a fundamental component of IT environments is difficult and disruptive.”

Unfortunately, the problem is not one that is simply going to disappear and there isn’t a simple patch to address the risks that these legacy technologies represent, Speare-Cole explained.  It has become critical to question and identify vulnerability because if it can happen to the most secure organizations in the world, it can happen to anyone.  Many may already be victims and don’t even realize it yet, he said.  

“SolarWinds will mark a watershed moment where the community finally turns to pay more attention to this fundamental weakness in much of our IT estate,” Speare-Cole said. “It is the root cause of much of the cyber crime and the majority of the major data breaches which strike at the heart of the increasingly digital world in which we all live.”

To watch the complete presentation, click here:  SolarWinds Keynote Presentation