This is so scary… many of us use a lot of third-party software hosted on our servers, and some with privileged access. Think Prometheus images, log agents, etc., which many of us always assume are safe because they’re coming from a safe source. These hackers got their malware into SolarWinds’ build process, which can very much happen to any of our trusted vendors/images if we’re unlucky. https://arstechnica.com/information-technology/2020/12/18000-organizations-downloaded-backdoor-planted-by-cozy-bear-hackers/
Ya, it’s super scary. And there are plenty of smaller organizations with even larger reach / distribution. It’s hard for small organizations to invest in all the safeguards, moreover have the staff on hand and sophistication to deal with it.
https://www.zdnet.com/article/academics-turn-ram-into-wifi-cards-to-steal-data-from-air-gapped-systems/ It only took 3 years to go from 4000b/s using HDD lights to extract the data with some malware installed on the system to malwareless extraction at speeds around 100b/s.
AIR-FI technique can send stolen data at speeds of up to 100 b/s to Wi-Fi receivers at a distance of a few meters.
Every day that goes by, SolarWinds’ proprietary software Orion network monitoring product supply chain security failure gets bigger and bigger.