“Those who thought SolarWinds was a once-in-a-lifetime attack didn’t see the writing on the wall. The cybercriminals behind the infamous breach are unsurprisingly at it again. This time, they’re targeting Microsoft cloud services resellers through an unsophisticated yet wide-scale attack. The attacks were preventable had companies implemented basic cyber hygiene measures such as enforcing multi-factor authentication, implementing strong password policies and enabling robust access management.
“Once again, we’re not seeing super sophisticated, never-before-seen techniques behind a major cyberattack. It’s the basics that are still tripping organisations up. What is a relatively new development over the last 12 months is a strategic and continued focus on the software supply chain. This speaks directly to the gaping supply chain security issues that SolarWinds brought to attention — break just one chain link and you can bring down the entire fence.”– Amit Yoran, Chairman and CEO, Tenable