Security News > 2021 > March > SolarWinds attack makes us distrust the software we buy
Security expert says because we can't inspect the inner workings of the software we buy, we're at the mercy of software companies' security practices.
TechRepublic's Karen Roby spoke with Manish Gupta, founder and CEO of ShiftLeft, a code analysis software company, about the SolarWinds attack and its effect on cybersecurity.
The SolarWinds attack was novel in that the attackers infected the very software that we trust.
This breach of trust of software is huge because software is driving everything around us.
As I mentioned earlier, because of the implicit trust that we place and what perhaps makes the problem worse is if, for example, we as consumers or enterprise companies, when we download software, when we buy software from a third party, there is a very limited ability we have to inspect what is in that software.
I think one of the key reasons why people are realizing is if we take a modern software company, let's say a SaaS, Software as a Service company, 100% of their revenue comes from the software that they're hosting in the cloud.
News URL
Related news
- China names alleged US snoops over Asian Winter Games attacks (source)
- Ukrainian extradited to US for Nefilim ransomware attacks (source)
- US indicts Black Kingdom ransomware admin for Microsoft Exchange attacks (source)
- Hackers behind UK retail attacks now targeting US companies (source)
- FBI: US officials targeted in voice deepfake attacks since April (source)
- US teen to plead guilty to extortion attack against PowerSchool (source)
- US indicts leader of Qakbot botnet linked to ransomware attacks (source)