We are barely halfway into 2021, and already, high profile cyber attacks have further affirmed the important role software plays in our world today.
What do a Gas Pipeline, a Water Treatment Plant, and the U.S Government have in common this year? Software vulnerabilities leading to major and successful cyber attacks.
Just before 2021, in December of last year, it began to come to light that several departments of the US Government had been successfully hacked due a compromised software update of the Orion Network Management tool developed by SolarWinds Inc. This happened because attackers had successfully accessed SolarWinds' software development systems and placed malicious code into their Orion Software, which is used by many organizations including the U.S government.
Later on, in February 2021, the Water Treatment plant of the state of Florida in the US was hacked, and this was partly due to the plant's use of an outdated software operating system, Windows 7, which is no longer supported by the vendor, Microsoft. As such, their systems were running software with vulnerabilities that had not been taken care of. Water poisoning would have resulted for the residents of the state had the attack not been detected by an employee.
Then in May, Colonial Pipeline, a major supplier of gas to 18 states in the U.S was hit with a ransomeware attack leading to fuel shortage and a declaration of a state of emergency in those states. The networks, computers, and software systems that controlled the pipelines were usually accessed from a internal network, but because of Covid19 physical distancing and work from home policies, employees began accessing the systems via the internet. Attackers were able to exploit vulnerabilities in the networks and software of Colonial, crippling the pipeline.
The world's technology is powered by software. Secure software makes the world better.
At Resilient Software Security, our mission is to help you to develop and ship secure software systems. Let's do better together.