CISA believes SolarWinds attack could have been prevented with simple countermeasures
The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) says the 2020 SolarWinds supply chain cybersecurity compromise could have been prevented with a decade-old security recommendation.
In a letter to Senator Ron Wyden, CISA says a firewall blocking all outgoing connections to the internet would have neutralized the SolarWinds malware. "While CISA did observe victim networks with this configuration that successfully blocked connection attempts and had no follow-on exploitation, the effectiveness of this preventative measure is not applicable to all types of intrusions and may not be feasible given operational requirements for some agencies," Brandon Wales, Acting Director, says.