DevOps is about accelerating delivery of new products and services at scale, reliably and affordably. Doing this requires comprehensive IT ...
You are here
How to mitigate against your IT monitoring software being hacked
With the news breaking of a large hack in the IT network monitoring world, we asked Rob May, VP of Engineering and Information Security at Opsview, for his thoughts:
"It's only suspected at this stage that the hack experienced by the SolarWinds Orion product is that of a nation state attack. These have been a growing threat for years, you only need to look back at WannaCry back in 2017 to see the wide hitting impact that these attacks can have on organizations and their customers.
"Malware enumerates accounts and systems when it infects a machine, so spreading to servers is expected. Servers are more consistently available on the network than workstations and infected systems need to be powered down quickly to mitigate the effect of the attack. Then you need to identify all backups and have them removed from the networks so the backups themselves don't get encrypted. Internal education continues to be the biggest protection against third party attacks. Phishing and other social engineering emails are one of the most common ways to gain access to internal systems so training staff not to click on unknown or malicious emails remains imperative.
"Another key point is to ensure that you are operating the latest product versions. All software vendors constantly run vulnerability scans and patch any vulnerabilities that are identified. If you are on an out-of-date version, there's a possibility you may have a security risk. In addition to performing vulnerability scans, most vendors will have penetration testing for new code. This is undertaken by an accredited third party. Opsview's penetration testing conforms to NCSC CHECK standard. Some engineering teams will also have peer review of code commits, another set of eyes for additional security. At Opsview, our engineering is on shore, we do not outsource our software development to third parties."