“This is the largest and most sophisticated sort of operation that we have seen.”
– Brad Smith, President, Microsoft
In December 2020, the public learned that an advanced persistent threat (APT) had compromised the SolarWinds Orion software supply chain and delivered a software update containing malicious code to over 18,000 customers. The scope of this attack is unprecedented, and the untangling exactly what happened will take years.
Drawing on testimony from the February 23, 2021 Senate Select Committee on Intelligence hearing, SpyCloud has broken the attack down into three stages, with a focus on the critical roles played by identity and password security.
No single security solution could have prevented such a sophisticated, surgical attack; however, the incident underscores the risks posed by weak and stolen credentials. Read the whitepaper to learn more about what happened, and how SpyCloud could have helped at each stage of the attack.
SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.