The Massive SolarWinds Hack Explained in Context

I get this question a lot from business folks. Outstanding job John on describing a complex cybersecurity incident in an entertaining and interesting way!

mattyarbrough

Thanks for this informative video :)

Actually currently doing a project which seeks to understand more about the Solar Winds Hack and how it can impact a business environment.

My takeaways:
Characteristics of SUNBURST backdoor
1) Lies dormant for 2 weeks.
2) Checks that there are no running processes related to security software (example: Wireshark)
3) Only steals minute amounts of data at a time. Also, the data that is stolen is encrypted and encapsulated within legitimate data. In this way, network monitoring software won't flag out these packets as they represent so-called normal analytics traffic.

Also thanks for the compiling the YouTube playlist to further understand the Solar Winds Hack :)

arunkaruppiah

High quality explanation. First time I understood what they meant by SolarWinds hack

thefreedom

Very nice video. You should go into technicalities of the hack. I would binge that :).

alslider

Great video, I subscribed. Keep making videos this high quality and you're sure to grow this channel.

jackditto

Thank you John, very well said. People remain the weakest link, and corporations should take note to train their employees (and also keep them satisfied reasonably!)

XedGeneral

Great explanation and use of infographics and reference material.

MrGatsby

Thanks so much for this, and listing the sources as well! I just got back into cybersecurity, and have been researching this both for my own interests, and because I was asked to be a guest on a podcast discussing this matter. I definitely can understand and follow along, but my skills aren't APT level...yet 🤣. I'll be sure to name you in my sources!

jpiercelt

Great video John! Always making really good videos!

GiulianoGiacaglia

Company restructuring after being sold plus possible IT outsourcing to cut cost could lead to this kind of things happened.

angy

As development of digital life moves on and therefore the specialization of IT support and development is increasingly diversifying, having the focus on supply chain attacks becomes more and more crucial in companies IT securities...

rjk

Programmers are not the samething as hackers. Totally different. All hackers can program, few programmers can hack.

mattsilver

Thank you from the informations, i'm preparing for my master thesis about " The effectiveness of US security systems in the face of cyber threats, case study : solarwinds attack " i wanna know if the part name of the case study is right or do you suggest any changes ? i accept any help for that, also if you have any websites or articles about this attack, i will be thankful for your help :)

syphaxxxxx

Amazing content! great effort thank you 😊 subscribing now

Maad

I don't want to add a thumbs up to your video because it's on a magical lucky number 777...lol

lancemarchetti

Where can I buy one of those coolers ?

jimgetz

The ones (executives) who needs to get more serious about subject only blame and don’t have responsibility. If process aren’t built begin a top level, how are you supposed to give examples for staff members.

gmiranda

Still a lot of unanswered questions. For instance if a company had there data encrypted would this hack been able to take that data

johnfarmer

dude you have 1.7k subs how did you get the verified checkmark?

LucianC