Research Report

Breaking Down the SolarWinds Breach: an Inside Look at the Methods Used

Download

HIGHLIGHTS

Multiple communication channels, phases, and tools were used to establish interactive, hands-on-keyboard control. Each phase was designed to minimize the chance of detection, with techniques that defeat IDS tool signatures, EDR, manual threat hunting, and even common approaches to ML-based detection.
The DGA used in this attack was different: a single, unique subdomain was generated for each victim, compromised of a globally unique ID calculated from local attributes and an encoding of the victim hostname.
Vectra’s AI will see through the evasion tactics applied and detect the tunnels as soon as they go active.
Vectra uniquely protects the entire network of hybrid, on-premise, and cloud connectivity with learning behavioral models that understand both hosts and identities—tracking and stopping attackers earlier in the kill chain.

‍

Download the Datasheet

Select language to download

Instant Free Access

First name*

Last name*

Business e-mail

Country/Region

I agree to the processing of my personal data by Vectra AI, Inc., and to Vectra’s Terms of Use and Vectra’s Privacy Policy. I understand I may unsubscribe from Vectra communications at any time.*

Thank you for your interest!

Please access your free offer below.

The Download Link will reach your mailbox shortly!

Download your asset – English

Download your asset – French

Download your asset – German

Download your asset – Japanese

Download your asset – Spanish

Oops! Something went wrong while submitting the form.