Continuity of Business Following the Solar Winds Cyber Attack – Part 2 of 2


The widespread Sunburst attack on US government agencies and corporations is widely regarded as one of the most consequential cyberattacks against the U.S. to date. In our last post, we dove into the strategies and cybersecurity methodologies necessary to protect your organization against becoming the next victim of this kind of massive attack. Now, we’ll dive a little further into exactly how Blue Ridge Networks can help.

Even before the COVID-19 pandemic forced a massive shift towards remote operations, organizations across the board had an intrinsic dependence on critical systems within the IT infrastructure.  The definition of “critical systems” is highly variable and often carries different meanings for different organizations, but some examples are:

  • IT servers and the associated management plane.
  • Departmental systems accessible only to a limited group of personnel. Examples include C-suite, legal, HR, finance, medical professionals, security, and IT operations.
  • Operational technology systems like building management systems, physical security, factory operations, the electric power generation and distribution systems, transportation systems, and many others.

Each of these systems depends upon external networks, such as time clock synchronization, the world-wide DNS infrastructure, and update servers from third-party vendors. Some of these operate automatically, and there’s evidence some have been subverted to attack dependent systems. The recent Sunburst attack was not the first and will not be the last to exploit vulnerabilities in external networks.

That’s where we come in. Blue Ridge Networks has evolved LinkGuard over many years to provide the best protection against the most aggressive threat vectors. It is trusted by commercial, defense and public sector customers, and has never been known to be compromised.

Within a LinkGuard enclave, protected systems can operate without risk. Because the system has no external dependencies, a hardware root of trust, and its own cryptographic credentialing system, the solution provides a high caliber of security. The enclave can be extended over virtually any communications media including public, private, wired, and wireless networks to provide remote access without introducing a firewall or VPN that could be compromised.

The Sunburst attack was so pervasive that cloud credentials for all major providers were probably stolen, but establishing access via LinkGuard could have prevented the credential theft.  By definition, the enclave does not extend into the cloud. In fact, many of our customers have established specific points of egress from their LinkGuard enclave to a direct cloud access system. This highly secure system only allows for communications between the customer’s cloud assets and the enclave, and only allows administrative access from within the LinkGuard enclave. As a result, it would not be subject to an attack that could potentially repeat the credential theft.

Perhaps most importantly, this level of enhanced security can be achieved rapidly, at low cost, and without augmentation of the existing system structure. LinkGuard offers a practical, preventative and realistic solution that could save your organization from becoming the next victim. If you have any questions about LinkGuard or your own security infrastructure, please feel free to reach out to our team of experts.