• SolarWinds
  • Jan 28, 2021
  • By QOMPLX

SolarWinds: Reminder of a Fundamental Problem

AI in Payments & Fraud Risk Management Summit Europe 2021
Alastair Speare-Cole as Keynote Speaker


The recent SolarWinds attack has shaken the U.S. federal government, intelligence community, and the private sector to their foundations. Attacks on software supply chains, like the SolarWinds incident, strike at the heart of modern-day businesses. But SolarWinds was just the latest in a string of prominent supply chain attacks that also includes the devastating NotPetya malware outbreak and the 2017 compromise of CCleaner, a widely used security tool made by the firm Avast.

What is the proper response to the SolarWinds incident and others like it? Alastair Speare-Cole, President and General Manager of the Insurance Division of QOMPLX, was invited to speak on this topic at the AI in Payments & Fraud Risk Management Summit in Europe 2021, where he shared his perspective on SolarWinds and the long-term cyber risk landscape.

“The fundamental problem is embedded deep in our systems,” Speare-Cole told attendees. “All our systems work on the assumption that electronic identities and systems privileges are valid. Once stolen by an intruder, these electronic identities are, as far as the systems are concerned, as valid as those belonging to genuine users, and allow them to work their way deeper into systems and disappear posing as legitimate users or even creating new accounts and giving themselves administration rights.”

“Unfortunately, the vast majority of companies today store these identities on aging and insecure technology, such as Microsoft’s Active Directory, a 20+ year old platform designed for a different era of computing, along with the Kerberos authentication protocol which was created at MIT back in the 1980s. The limitations of Active Directory and Kerberos are well demonstrated and documented. Switching out such a fundamental component of IT environments is difficult and disruptive.”

Unfortunately, the problem is not one that is simply going to disappear, and there isn’t a simple patch to address the risks that these legacy technologies represent, Speare-Cole explained. It has become critical to question and identify vulnerability because if it can happen to the most secure organizations in the world, it can happen to anyone. Many may already be victims and don’t even realize it yet, he said.

“SolarWinds will mark a watershed moment where the community finally turns to pay more attention to this fundamental weakness in much of our IT estate,” Speare-Cole said. “It is the root cause of much of the cyber crime and the majority of the major data breaches which strike at the heart of the increasingly digital world in which we all live.”

To watch the complete presentation, click here: SolarWinds Keynote Presentation
