SolarWinds supply chain breach

MainTegrity presents SolarWinds avoidance - Guide / Share Europe, Feb 4, 2021

One of the few effective defenses against an attack on CI/CD development environments, similar to the SolarWinds Sunburst attack is regular contents verification. FIM+ provides protection and detection by implementing File Integrity Monitoring as an integral part of your mainframe development process. Our Change Assurance process is designed specifically to provide this functionality while cooperating fully with your existing tools and processes.

The SolarWinds was based on Microsoft platforms but the same general techniques can be just a devastating on mainframes. An excellent article on the subject was written by Trevor Eddols, recent IBM Champion, and is available here.  https://www.toolbox.com/security/network-security/articles/what-tech-leaders-can-learn-from-the-solarwinds-trojan-horse-attack/  

SolarWinds supply chain breach – What mainframers need to know

Abstract: Suspected Russian actors broke in to a trusted software development company, compromised a common software component, inserted multiple backdoors, covered their tracks and exploited the commercial product distribution channel to infect 17,000 organizations including key defense and commercial systems. Are you worried yet? Maybe you should be. The attack scales up nicely for mainframes, it is sophisticated so very hard to detect, near impossible to prevent so what the heck do we do as an industry to respond? This working group will discuss actions that need to be taken.  

If you are interested in attending the session please click here https://www.gse.org.uk/working-group/enterprise-security/