Potential Implications for US National Security Essay

Total Length: 2304 words ( 8 double-spaced pages)

Total Sources: 6


THE SOLARWINDS HACK: SECURING THE FUTURE

Name: ______________________
Topic: SolarWinds Hack
Issue: Zero-Day Security and Potential Implications for US National Security
Paper Title: The SolarWinds Hack: Securing the Future

The implications for US national security include foreign actors' ability to disrupt essential infrastructure assets within the United States. These assets include oil and gas pipelines, electrical grids, and the defense sector. Foreign actors can misuse personal data through malware, spyware, and other means, resulting in extortion and ransomware. These implications are both tangible and intangible. Tangible elements include interruptions of infrastructure (e.g., communication, food distribution, power grids, and transportation), industry (e.g., aerospace, bio-medical, healthcare, and waste management), and utilities (e.g., gas, electric, sewage, and water) within the nation. Intangible implications include the erosion of consumer confidence in everything from online retail to election integrity.

Background

The SolarWinds hack was major because it affected thousands of organizations, including the United States government[footnoteRef:1]. SolarWinds is a software company based in Tulsa, Oklahoma, that offers system management tools for infrastructure and network monitoring. One of the company's performance monitoring products is called Orion. Orion had privileged access to IT systems, from which it collected system logs and performance data. The privileged position held by Orion and its deployment across the network made it an attractive target for hackers[footnoteRef:2]. Using the Orion system, the hackers managed to gain access to the systems, networks, and data of thousands of SolarWinds customers. The attack is one of the largest of its kind ever recorded. Over 30,000 private and public organizations use the Orion network management system to manage their IT resources. The public organizations include local, state, and federal agencies.

[1: Datta, P. (2021). Hannibal at the gates: Cyberwarfare & the Solarwinds sunburst hack. Journal of Information Technology Teaching Cases, 2043886921993126.]
[2: FireEye. (2020). Highly evasive attacker leverages SolarWinds supply chain to compromise multiple global victims with SUNBURST backdoor.]

How the Attack Took Place

The attack took place at the beginning of 2020, but it was not discovered until almost the end of 2020[footnoteRef:3]. The attackers were patient, and the nature of the attack they launched suggests they were targeting multiple entities. SolarWinds had advised Orion customers to exclude the software from anti-virus and endpoint detection and response (EDR) monitoring. Because of that exclusion, the attackers were able to reach the networks and data of their victims without detection, since their implant ran inside, and behaved like, the Orion software. The attackers established multiple lines of access, control, and communication from the Orion monitoring system.

[3: Datta, P. (2021). Hannibal at the gates: Cyberwarfare & the Solarwinds sunburst hack. Journal of Information Technology Teaching Cases, 2043886921993126.]

The hack may have originated from a GitHub misconfiguration error[footnoteRef:4]. Server credentials were exposed in a public repository, which set the stage for the attack. Once the hackers had the credentials, they added their malicious code to the Orion software and waited for SolarWinds to push the update to its customers.
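The credential exposure described above is the kind of mistake a repository secret scan is designed to catch before a push reaches a public remote. The following is an added example written for this page, not code from the essay, from SolarWinds, or from GitHub: a small scanner that runs a handful of credential patterns plus an entropy heuristic over a constructed set of repository files. The file contents, the AWS-style key (the documented "AKIAIOSFODNN7EXAMPLE" placeholder), the password values, and the hostnames are all constructed for the example.

```python
"""Secret scan of repository files (added example, not code from the essay
or from SolarWinds/GitHub): the kind of pre-commit or CI check that stops
server credentials from being committed to a public repository."""
import math
import re

# Illustrative patterns, not a complete catalogue of credential formats.
RULES = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(
        r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "hardcoded_password": re.compile(
        r"(?i)(?:password|passwd|pwd)\s*[:=]\s*['\"]([^'\"]{6,})['\"]"),
    "basic_auth_url": re.compile(r"[a-z][a-z0-9+.-]*://[^/\s:@]+:[^/\s@]+@"),
}
# Values that look like secrets but are clearly placeholders.
PLACEHOLDERS = {"changeme", "example", "password", "xxxxxxxx", "<redacted>"}
ENTROPY_THRESHOLD = 4.5   # bits per character; hex digests stay below 4.0
TOKEN_RX = re.compile(r"[A-Za-z0-9+/_\-]{32,}")


def shannon_entropy(s):
    """Bits per character of the string's symbol distribution."""
    n = len(s)
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def scan_text(path, text):
    """Return (path, line number, rule name) for every suspicious line."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        matched = False
        for name, rx in RULES.items():
            m = rx.search(line)
            if not m:
                continue
            if name == "hardcoded_password" and m.group(1).lower() in PLACEHOLDERS:
                continue
            findings.append((path, lineno, name))
            matched = True
        if matched:
            continue  # the pattern hit already covers this line
        # Fallback: long opaque tokens (API tokens, session keys) have a
        # much flatter symbol distribution than prose or identifiers.
        for tok in TOKEN_RX.findall(line):
            if shannon_entropy(tok) >= ENTROPY_THRESHOLD:
                findings.append((path, lineno, "high_entropy_token"))
                break
    return findings


def scan_repo(files):
    """files: mapping of path -> contents, as produced by walking a checkout."""
    out = []
    for path, text in files.items():
        out.extend(scan_text(path, text))
    return out


# Constructed repository contents standing in for a real checkout.
REPO = {
    "deploy/settings.py": (
        "DB_HOST = 'db.internal'\n"
        "DB_PASSWORD = 'Winter2020!'\n"
        "ADMIN_PASSWORD = 'changeme'  # placeholder, not a secret\n"
    ),
    "ci/push.sh": (
        "#!/bin/sh\n"
        "export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n"
        "git push https://deploy:S3cretPass@build.example.internal/repo main\n"
    ),
    "keys/build.pem": (
        "-----BEGIN RSA PRIVATE KEY-----\n"
        "(key material omitted)\n"
        "-----END RSA PRIVATE KEY-----\n"
    ),
    "src/client.py": 'API_TOKEN = "Q7wZ3pL9xK2mV8nB4tR6yH1cJ5sF0dGaEiUoNvXb"\nTIMEOUT = 30\n',
    "README.md": "Run make build. Passwords live in the vault, never here.\n",
}

if __name__ == "__main__":
    for path, lineno, rule in scan_repo(REPO):
        print(f"{path}:{lineno}: {rule}")
```

Wired into a pre-commit hook or CI job that fails the build on any finding, a check like this is cheap, and the placeholder allowlist keeps it from blocking obvious dummy values. The entropy fallback is deliberately tuned above the level of a hex digest so that lockfile checksums do not generate noise.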


The attackers created a digital signature and certificate similar to the one used by Orion to mask their Trojan malware. The hackers relied on waiting before initiating the attack. After the code was installed on a victim's computer, it stayed dormant for two weeks before it began scanning the environment to establish that no malware-monitoring systems were present[footnoteRef:5]. Once it had established that the coast was clear, the malware made its initial connection to the remote server while masquerading as genuine network traffic. The malware hid in plain sight, and no one recognized or flagged the traffic it generated. The code allowed the hackers to open more backdoors and gain access…
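The two-week dormancy and the "behaves like Orion" camouflage described in the preceding paragraphs are exactly the pattern a threat hunter can look for in endpoint telemetry: software that sat quiet after installation and then opened its first outbound connection to a host the organization had never talked to, especially if that software had been excluded from AV/EDR inspection. The following is an added example written for this page, not the essay's code and not any vendor's detection content. All telemetry, process names, hostnames, and the 12-day threshold are constructed; real EDR event schemas differ and would be mapped into the same tuples.

```python
"""Hunt for dormant-then-beaconing software (added example, not code from the
essay or from any EDR vendor). It replays constructed endpoint telemetry and
flags programs whose first outbound connection came long after installation
and went to a host the organisation has never seen, weighting the result
higher when the program had been excluded from AV/EDR inspection."""
from datetime import datetime, timedelta

DORMANCY_THRESHOLD = timedelta(days=12)   # constructed; tune to the estate

# Constructed telemetry standing in for EDR process-install and
# network-connection events: (host, process, ISO timestamp[, destination]).
INSTALL_EVENTS = [
    ("srv-mon-01", "monitor_agent.exe", "2020-03-01T10:00:00"),
    ("srv-mon-01", "backup_client.exe", "2020-03-01T10:05:00"),
    ("ws-042", "office_suite.exe", "2020-03-10T09:00:00"),
]
NETWORK_EVENTS = [
    ("srv-mon-01", "backup_client.exe", "2020-03-01T10:06:00", "backup.corp.local"),
    ("srv-mon-01", "monitor_agent.exe", "2020-03-16T02:13:00", "api.stats-collector.example"),
    ("srv-mon-01", "monitor_agent.exe", "2020-03-16T02:13:30", "api.stats-collector.example"),
    ("ws-042", "office_suite.exe", "2020-04-01T12:00:00", "updates.vendor.example"),
    ("ws-042", "unknown_tool.exe", "2020-04-02T12:00:00", "cdn.example.net"),
]
# Processes an administrator excluded from AV/EDR scanning, as the vendor
# guidance quoted in the essay recommended for Orion.
EDR_EXCLUSIONS = {"monitor_agent.exe"}
# Destinations with an established history in the organisation's logs.
KNOWN_DESTINATIONS = {"backup.corp.local", "updates.vendor.example"}


def hunt(install_events, network_events, exclusions, known_destinations,
         threshold=DORMANCY_THRESHOLD):
    """Return one alert per (host, process) that went quiet after install
    and then first connected to a destination not seen before."""
    installed = {(h, p): datetime.fromisoformat(t) for h, p, t in install_events}
    # Earliest outbound connection per (host, process).
    first_conn = {}
    for h, p, t, dest in sorted(network_events, key=lambda e: e[2]):
        first_conn.setdefault((h, p), (datetime.fromisoformat(t), dest))
    alerts = []
    for key, (when, dest) in first_conn.items():
        if key not in installed:
            continue  # no install record: a different rule's job
        quiet = when - installed[key]
        if quiet < threshold or dest in known_destinations:
            continue
        host, process = key
        alerts.append({
            "host": host,
            "process": process,
            "dormant_days": quiet.days,
            "first_destination": dest,
            # An excluded binary had no inline scanning at all, so the
            # network signal is the only one left; rank it higher.
            "severity": "high" if process in exclusions else "medium",
        })
    return alerts


if __name__ == "__main__":
    for a in hunt(INSTALL_EVENTS, NETWORK_EVENTS, EDR_EXCLUSIONS, KNOWN_DESTINATIONS):
        print(a)
```

The rule deliberately ignores a late first connection to an already-familiar destination (the office suite fetching updates), since most legitimate software is quiet for a while and then phones home; what makes the monitoring agent stand out is the combination of silence, a never-before-seen destination, and the scanning exclusion.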


…making it easy for hackers to launch their attack. Other organizations could have dismissed the alert that led FireEye to discover the SolarWinds hack as a false positive. However, the organization decided to investigate why there was an alert for an employee registering a new phone when the employee in question did not have a new phone. Their investigation uncovered the hack, which they then reported to SolarWinds for action. Such should be the case for government agencies. Any suspected false positive should be investigated to confirm that it is genuinely a false positive[footnoteRef:15]. Even the National Security Agency did not manage to detect the attack, which indicates how little scrutiny is given to software from third-party companies. All software should be tested and investigated for at least one month before being deployed across the organization[footnoteRef:16]. Security patches and software updates should undergo the same testing to ensure they do not contain any malicious code. Process reengineering should take place so that code repositories are investigated and vulnerabilities reported[footnoteRef:17]. Another recommendation is to look at software from the mindset of the attacker. The invade-and-evade strategy worked for the Sunburst attack because no one was looking for such an attack. Most tests check software when it is delivered or when patches are released. By exploiting the waiting game, the attackers managed to bypass even the most sophisticated and advanced detection systems. Therefore, without a change in approach, hackers will continue gaining access to sensitive systems, and we will be playing catch-up trying to fix existing vulnerabilities instead of preventing future attacks.

[15: Shlapentokh-Rothman, M., Kelly, J., Baral, A., Hemberg, E., & O'Reilly, U.-M. (2021). Coevolutionary modeling of cyber attack patterns and mitigations using public datasets. Proceedings of the Genetic and Evolutionary Computation Conference.]
[16: FireEye. (2020). Highly evasive attacker leverages SolarWinds supply chain to compromise…
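The recommendation above, that software and its patches be held and examined for at least a month before rollout, can be enforced mechanically with a staging gate that refuses to promote an update until three conditions hold: the artifact matches the vendor's published hash, the soak period has elapsed, and a reviewer has signed that hash into an internal allowlist. The following is an added example written for this page, not code from the essay or from SolarWinds; the update payload, manifest, product name, and dates are constructed, and the 30-day soak period is taken from the essay's "at least one month".

```python
"""Update staging gate (added example, not code from the essay or from
SolarWinds). An update is admitted to production only if its hash matches
the vendor's published manifest, a soak period of one month has elapsed,
and reviewers have signed the hash into an internal allowlist."""
import hashlib
from datetime import date, timedelta

SOAK_PERIOD = timedelta(days=30)   # "at least one month" from the essay


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def gate(artifact, vendor_manifest, approved_hashes, received_on, today,
         soak=SOAK_PERIOD):
    """Return (decision, reason); decision is 'reject', 'stage' or 'deploy'."""
    digest = sha256_hex(artifact)
    # 1. Transport integrity: what arrived is what the vendor published.
    if digest != vendor_manifest["sha256"]:
        return "reject", "hash does not match the vendor manifest"
    # 2. Soak: the build sits in a test environment for the full period.
    if today - received_on < soak:
        return "stage", f"soak period ends {received_on + soak}"
    # 3. Human sign-off on this exact hash, recorded after the soak.
    if digest not in approved_hashes:
        return "stage", "soak complete; awaiting review sign-off"
    return "deploy", digest


# Constructed artifacts and manifest standing in for a downloaded update.
GOOD_BUILD = b"monitoring-agent 2020.2 (constructed update payload)\n"
TAMPERED_BUILD = GOOD_BUILD + b"\x00 injected bytes"
VENDOR_MANIFEST = {"name": "monitoring-agent", "version": "2020.2",
                   "sha256": sha256_hex(GOOD_BUILD)}

if __name__ == "__main__":
    received = date(2020, 3, 1)
    for label, build, approved, today in [
        ("tampered", TAMPERED_BUILD, set(), date(2020, 3, 10)),
        ("too early", GOOD_BUILD, set(), date(2020, 3, 10)),
        ("unreviewed", GOOD_BUILD, set(), date(2020, 4, 1)),
        ("approved", GOOD_BUILD, {sha256_hex(GOOD_BUILD)}, date(2020, 4, 1)),
    ]:
        print(label, gate(build, VENDOR_MANIFEST, approved, received, today))
```

The manifest comparison only proves that the download was not altered in transit; a build the vendor itself signed and shipped with malicious code, which is what the essay describes for Orion, passes that check. That is why the gate does not let a matching hash short-circuit the soak and sign-off steps, and why the manifest should be fetched over a channel separate from the download itself.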

Cite This Resource:

APA Format (6th edition)

"Potential Implications For US National Security" (2021, October 12). Retrieved June 26, 2025, from
https://www.aceyourpaper.com/essays/potential-implications-national-security-2180938
