Media Coverage - 2020

Media coverage published in 2020

Kawasaki Heavy Industries, a Partner of Defense Companies and Agencies, Reports Breach

December 29, 2020

SC Magazine

Managing access control and data permissions is difficult without a proper understanding of the who, what, and where of data access models. To truly understand data flow and access, organizations need to observe privilege based on real world activity and assess the access that does occur. This would allow an organization to differentiate between what should and should not occur.

Text Link

Cyber Attack, Terrorism, Theft and Scams: Threats to Covid-19 Vaccines

December 23, 2020

Le Parisien

La France a mis en place un protocole sécuritaire très strict afin d’acheminer et stocker ces vaccins en France, alors que la menace qui plane sur ces antidotes au coronavirus est protéiforme.

Text Link

Critical Flaws Put Dell Wyse Thin Client Devices at Risk

December 22, 2020

Gov Info Security

Researchers at the security firm CyberMDX have uncovered two significant vulnerabilities in certain Dell Wyse thin client devices that, if exploited, could enable threat actors to remotely run malicious code and access files on affected devices.

Text Link

SolarWinds hack: Security experts weigh in on US cyber-attack

December 21, 2020

ITP.net

The SolarWinds hack, which is reportedly being link to Russia, is shaping up to be the biggest cyber-attack this year. The attack targeted the US government, its agencies and several other private companies. It was first discovered by cybersecurity firm FireEye, and since then more developments are being reported each day.

Text Link

Vectra and Baidam to offer cybersecurity scholarships for Indigenous peoples

December 18, 2020

Security Brief AU

Vectra AI has formed a new partnership with Baidam Solutions. This partnership provides First Nations’ people with scholarships, a full education and technical skills to combat the rise in cyberattacks against businesses, government and infrastructure.

Text Link

Officials Use Language of War, Deterrence to Discuss US Response to Suspected Russian Hack

December 18, 2020

WJLA

Causing 18,000 organizations, the vast majority of which were not actually targets of interest, to have to remediate and possibly rebuild their devices and networks represent a huge amount of collateral damage," Vectra's Oliver Tavakoli said. "Obviously, the concept of collateral damage exists on a spectrum – but we can probably all agree this attack was on the far end of the spectrum.

Text Link

Have you been impacted by the massive SolarWinds hack?

December 21, 2020

Enterprise Channels MEA

Vectra's Ammar Enaya says this is a significant example of a well-executed supply chain attack compromising a popular IT administration tool as a penetration mechanism. The subsequent exploitation of authentication controls enabled the threat actor to pivot to the cloud and operate undetected for an extended time in Microsoft 365, which allowed them to gather intelligence.

Text Link

Officials use language of war, deterrence to discuss US response to suspected Russian hack

December 18, 2020

Fox News

The recentbreach, which began in March, targeted the SolarWinds Orion software, a popular IT network administration tool used by companies around the world and by U.S. government agencies including the Department of Homeland Security, the Treasury Department, the Department of Commerce, the Department of Energy, the Pentagon and the White House. The hackers attached malware to a SolarWinds software update that was downloaded by as many as 18,000 organizations.

Text Link

The 25 Best Cyber Security Books — Recommendations from the Experts

December 18, 2020

Hashed Out

While all of these things together sound like the makings of a best-selling fiction novel, the cyber security industry – and all of the threats and dangers that exist within it – is all too real. That’s one reason why cybersecurity books make for some pretty interesting reading both in terms of academics and entertainment. Hashed Out reached out to many IT and cyber security experts within the industry to inquire about their favorite books on cyber security and create a comprehensive list of the “best cyber security books.”

Text Link

Highly Skilled Hackers Breach US Agencies and Private Companies

December 18, 2020

Washington Examiner

United States officials have blamed Russian hackers for recent breaches at federal agencies, companies, and high-profile cybersecurity vendor FireEye, with the malicious activity appearing to come from highly skilled attackers. "Attackers could also set up automated workflows to consolidate all the activities and run them autonomously while quietly exfiltrating data," Vectra's Matt Walmsley shares.

Text Link

5 NDR Vendors to Watch in 2021

December 17, 2020

Solutions Review

Solutions Review’s NDR Vendors to Watch is an annual listing of solution providers we believe are worth monitoring. Companies are commonly included if they demonstrate a product roadmap aligning with our meta-analysis of the marketplace. Other criteria include recent and significant funding, talent acquisition, a disruptive or innovative new technology or product, or inclusion in a major analyst publication.

Text Link

Cyber Experts Weigh-In on FireEye Breach, SolarWinds Supply Chain Attack

December 16, 2020

Enterprise Security Tech

The recent supply chain attack, which has affected around 18,000 SolarWinds Orion customers, is thought to have been executed by a sophisticated nation-state threat actor. Vectra's Matt Walmsley says that IT administrators and security teams have access to highly privileged credentials as part of their legitimate work. Attacking the digital supply chain of their software tools is an attempt to gain penetration and persistence right at the heart of their operations, gain privileged access and to provide springboard out across their digital hybrid-cloud enterprise.

Text Link

SolarWinds Cyberattack Likely Affected Thousands Worldwide

December 16, 2020

Channel Futures

Vectra's Matt Walmsley comments on the recent SolarWinds breach, discussing how security teams need to drastically reduce the overall risk of a breach by gaining instant visibility and understanding of who and what is accessing data or changing configurations, regardless of how they are doing it, and from where.

Text Link

The SolarWinds Perfect Storm: Default Password, Access Sales and More

December 16, 2020

Threatpost

A perfect storm may have come together to make SolarWinds such a successful attack vector for the global supply-chain cyberattack discovered this week. Researchers said that includes  its use of a default password (“SolarWinds123”) that gave attackers an open door into its software-updating mechanism; and, SolarWinds’ deep visibility into customer networks.

Text Link

Here Are the Critical Responses Required of All Businesses After SolarWinds Supply-Chain Hack

December 15, 2020

SC Magazine

SolarWinds estimates that between last March and June, roughly 18,000 user organizations downloaded updates of its Orion software that Russian APT actors allegedly corrupted with Sunburst backdoor malware. John Mancini, senior product manager at Vectra, said that a core point of the DHS’ guidance for remediating the SolarWinds hack is to analyze for any listed indicators of compromise and then “identify potential behaviors in metadata that may be related to the compromise.”

Text Link

A Safe Return to Office May Mean Higher Burden for Companies to Collect, Protect Medical Data

December 15, 2020

SC Magazine

For many businesses, recovery from the pandemic fallout hinges in part on employees working safely and virus-free outside their homes. That leaves organizations facing the very real possibility that they will serve as both trackers and guardians of health data to ensure the safety of employees.

Text Link

US Treasury, Commerce Departments Hacked

December 15, 2020

Silicon

A number of key US government departments have been hacked, with concern that the attack has allowed a foreign power to monitor American government communication.

Text Link

Hackers breach US agencies, Homeland Security a reported target

December 14, 2020

The Daily Mail

SolarWinds over the weekend admitted that hackers had exploited a backdoor in an update of some of its software released between March and June. The hacks are part of a wider campaign that also hit major cybersecurity firm FireEye, which said its own defenses had been breached by sophisticated attackers who stole tools used to test customers' computer systems.

Text Link

Cyberespionnage des Agences US : comment les attaquants compromettent les comptes Microsoft 365 commente Vectra

December 14, 2020

Global Security Mag

L’Agence de cybersécurité et de sécurité des infrastructures (CISA) du gouvernement américain a publié une directive d’urgence appelant « toutes les agences fédérales américaines à examiner leurs réseaux à la recherche d’indicateurs de compromission et à déconnecter ou éteindre immédiatement les produits SolarWinds Orion ».

Text Link

Hackers breach US agencies, Homeland Security a reported target

December 14, 2020

The US Department of Homeland Security was the third federal department to be targeted in a major cyberattack, US media reported on Monday, a day after Washington revealed the hack which may have been coordinated by a foreign government.

Business Times

Text Link

Hackers breach US agencies, Homeland Security a reported target

December 14, 2020

Digital Journal

The US Department of Homeland Security was the third federal department to be targeted in a major cyberattack, US media reported Monday, a day after Washington revealed the hack which may have been coordinated by a foreign government.

Text Link

18,000 Organizations Possibly Compromised in Massive Supply-Chain Cyberattack

December 14, 2020

Dark Reading

In what may well turn out to be one of the most significant supply-chain attacks in recent years, a likely nation-state backed group compromised systems at SolarWinds and inserted malware into updates of the company's widely used Orion network management products that were released between March and June 2020. Matt Walmsley, EMEA director at Vectra, says the attackers likely manipulated Security Assertion Mark-up Language (SAML) authentication tokens used in Single Sign On to try and escalate privileges in the early stages of the campaign.

Text Link

How Worried Should I Be About My Password Being Compromised, Stolen In A Data Breach? Experts Say This

December 13, 2020

Forbes

After a major data breach, do criminals actually have your password even if it has been encrypted? Companies have various ways of encrypting passwords. There are also techniques called salting and hashing. The upshot is, the average user will not take the time to find out how the affected company does their encrypting—or hashing or salting for that matter.

Text Link

Cybersecurity in 2021: 5 Trends Security Pros Need to Know

December 14, 2020

DICE News

With 2021 fast approaching, cybersecurity experts and analysts note that cybersecurity will continue to evolve even as most of the world enters a post-COVID-19 era, with cybercriminals, threat actors and nation-state hackers ready to take advantage of whatever may happen next. This will keep CISOs, their security teams, as well as their counterparts in IT, trying to catch up and stay ahead.

Text Link

The next big thing in security

December 13, 2020

Network Middle East

Oliver Tavakoli, our CTO, shares his thoughts on the upcoming cybersecurity trends to watch.

Text Link