The SolarWinds attack, disclosed by security firm FireEye and Microsoft in December, may have breached as many as 18,000 government and private sector organizations. It has been characterized as the largest and most sophisticated cyber attack the world has ever seen, and was made possible by the Sunburst malware the attackers implanted in legitimate digitally signed DLL files in SolarWinds’ Orion update packages.
This video from ThreatConnect breaks down how the Sunburst attack worked and offers critical insights into how a combination of focused dashboards, automated threat hunting and workflow within ThreatConnect can help threat intelligence analysts and incident responders streamline response processes when Sunburst or other incidents like it occur.