Current Russia-Ukraine conflicts and the associated global Cybersecurity risks notwithstanding, 2021 began amid an unfolding large-scale supply chain infiltration from a Russian espionage team. Discovered back in December 2020 by FireEye, the SolarWinds attack led to a year of reflecting on whether we can trust the very applications that are used to monitor and protect our networks. It was also a year that continued to confirm how relentlessly and unapologetically nation-states will continue to attack the corporate and government assets of their rivals. 2021 saw the largest monetary ransomware demands ever, with Russia’s REvil hacker team’s $50M ransom demand to Apple supplier Quanta, and its $70M Kaseya VSA ransom. REvil’s Colonial Pipeline ransom in May 2021 even disrupted the U.S. Eastern fuel supply, leading to shortages, price hikes, and a geopolitical confrontation between the U.S. and Russia.
The year ended with the Log4Shell attack, with a 10-out-of-10 severity rank, and a doomed race to patch this massive world-wide software hole before every cybercriminal and nation-state espionage team can plant malicious logic and backdoors that will haunt computing environments for years to come. Sadly, this was barely a small summary of the highlights. 2021 has truly been a challenging year for anything with a CPU. It also became a year in which adversaries displayed their ability to migrate to the technical edge of commercial application development, centering their expertise on infiltrating virtualized application workloads at scale. 2021 saw many new exploits, attack patterns, and criminal business strategies arise (or mature) across all the dominant cloud platforms, APIs, and popular services.
Nation state attackers are in the cloud - One cannot help it. If you are de ..
Support the originator by clicking the read the rest link below.
