Threat Intelligence & Incident Response

Threat Intelligence & Incident Response
If these companies were affected then the foundation of computing could be at risk. If you could manipulate at the hardware layer via the firmware, BIOS, ect then a threat actor could weaponize well below the operating system which brings in to question the integrity of the entire computing stack and everything above it.  The firmware and bios are like the rebar and concrete for a building. If that foundation is weak then the entire structure and anything dependent on it is at risk. We cannot underestimate the potential or the severity of these companies being potentially affected by the SolarWinds hack and what that means for the foundational computing hardware they provide to the world.  What do others think ?  How could this impact your organization ?   Big tech companies including Intel, Nvidia, and Cisco were all infected during the SolarWinds hack - The Verge

Top Answer :

If a cybersecurity company like FireEye can be breached by a state actor, how concerned are you about malicious actors?

Top Answer : Every company can be breached. It’s trite, but it is not a matter of if, but when. With that, FireEye was an extremely big target. They had information about much of the Fortune 500 and Federal  government. They also had a large cache of powerful security tools. This made them one of the largest targets in the world. They were ostensibly the victim of a nation-state attack. These nation-state attacks require people and money, and they are limited who they can attack. So it is not like every company is going to be a target of nation-state attacks.  But if you are on their radar, ensure your guard is up.