Surviving 2020’s ransomware: SolarWinds’ cybersecurity revamp and APAC expansion

• The SunBurst attack was a pivotal moment for SolarWinds and partners.
• SolarWinds aims to amplify APAC presence with localized strategies.

In the realm of cybersecurity, the year 2020 will forever be scarred by an incident of monstrous proportions, a deceptive invasion that would forever alter perceptions. SolarWinds, a name once resonant with IT proficiency, transformed overnight into a stark symbol of broad systemic vulnerabilities and audacious cyber subversion. This was no run-of-the-mill cyber intrusion – it was the infamous SolarWinds ransomware attack, a profound game-changer in global cybersecurity narratives.

The ransomware incident that changed the cybersecurity landscape

The uniqueness of the SolarWinds fiasco lay not just in its grave repercussions, but in the cunning subtlety of its execution. The perpetrators seized a standard software update of SolarWinds’ Orion Platform, a universally used network management tool. In a sly move, the malicious code was not present from the start; it was stealthily slipped into an update, creating a quintessential “supply chain attack.” In one swift maneuver, the wrongdoers infiltrated the core systems of thousands of organizations, virtually undetected and seemingly untouchable.

However, the audacity of the attack was merely one facet of the shock. The orchestration and complexity of the campaign left the cybersecurity world reeling. Over several months, the attackers wielded unrestricted control over the data reserves of numerous businesses and government agencies, accessing a horrifying array of sensitive information. This starkly exposed the interconnected world’s susceptibility, serving as a potent reminder of how significantly a stealthy cyber offensive can destabilize global infrastructure.

Though SolarWinds’ name has become associated with the notorious ransomware incident, some regard it as a fortunate misfortune. In conversation with Tech Wire Asia, Aten Lim, Managing Director, APJ of SolarWinds, elaborated on this perspective, asserting that the SunBurst attack marked a turning point for SolarWinds and its affiliates. Far from being defeated, the company transformed the crisis into an avenue for expansion and evolution.

“We launched the Secure by Design initiative as a result of this event, representing a paradigm shift in our cybersecurity approach,” Lim remarked. “Secure by Design goes beyond software protection and encompasses a comprehensive strategy prioritizing cybersecurity throughout the entire lifecycle management process. This includes strengthening internal systems, upgrading endpoint protection and data loss prevention solutions, adopting a zero-trust mindset, and implementing least-privilege access methodologies.”

The SolarWinds supply chain attack evolved into a global hacking crisis, as threat actors weaponized the Orion software to breach numerous government and private systems worldwide. The inherent access granted by the software and, consequently, the Sunburst malware posed severe breach risks to countless networks and systems.

This hack, however, may well be the impetus for swift, expansive change in the cybersecurity industry. In the aftermath, various companies and government bodies are strategizing proactive responses to such attacks. The prevailing realization is that merely erecting a firewall doesn’t suffice; organizations must proactively identify and fortify system vulnerabilities, or cleverly convert them into bait for potential attacks.

Guarding customers in the cybersecurity battle against ransomware

Upon uncovering the breach, SolarWinds directed its clientele to upgrade their current Orion platform, releasing fixes for the malware and other possible weak spots discovered following the initial onslaught. Clients who found themselves unable to upgrade were counselled to quarantine SolarWinds servers or alter passwords linked to server access.

Organizations should consider adopting modern software-as-a-service tools for enhanced monitoring and collaboration. While the cybersecurity industry has advanced significantly over the past decade, such attacks underscore that the journey towards genuinely secure systems is far from over.

Lim emphasized that organizations need to keep pace with these changes as technology evolves while maintaining secure operations. “At SolarWinds, we prioritize security in every IT process. Our Secure by Design initiative is all about proactively monitoring known vulnerabilities and follows the zero-trust cybersecurity model. This means every access to company information or services must be verified to prevent unauthorized network access,” Lim elaborated.

In addition, SolarWinds underscores the significant role that monitoring tools play. Consequently, their observability solutions are engineered to provide a consolidated view of IT environments, empowering businesses to pinpoint and rectify issues efficiently.

Indeed, SolarWinds acknowledges the profound global impact of severe cyberattack incidents. Reflecting on regions like APAC, the IDC survey provides a startling revelation: more than 70% of organizations surveyed encountered cyberattacks in the previous year, with a staggering 55% conceding to ransom demands to mitigate operational disruptions and financial loss.

Recognizing the gravity of the threat, regional businesses are amplifying investments in tools and solutions to establish resilience against cyber incursions. SolarWinds, in response, is strategizing to broaden its influence in the APAC region. With China and Japan, two of the global economic titans, residing in this region, SolarWinds deems their engagement as strategically crucial. Moreover, rapidly flourishing economies like India and the SEA nations offer tantalizing prospects that SolarWinds aims to leverage.

Aligning with IDC’s Worldwide Cloud 2023 Predictions, organizations in this region are reaching maturity in their usage of cloud, data, and cutting-edge technologies. Forecasts for 2027 suggest that a substantial 70% will invest in specialized, performance-intensive cloud-based computing environments.

“Given the significant demand, SolarWinds enjoys abundant opportunities to help businesses in APAC to modernize and accelerate their IT transformation journeys, enabling them to achieve greater efficiencies and growth,” elaborated Lim.

Managing massive data quantities and facilitating seamless collaboration

When asked about how SolarWinds aims to address the unique challenges and opportunities in the APAC region, Lim said, recognizing the dynamic landscape, SolarWinds has designed its Observability solutions to be highly adaptable and capable of catering to the diverse needs of different IT personas at various stages of their cloud journeys. This flexibility is achieved through a unified product that addresses the requirements of multiple stakeholders.

Over recent years, technological innovations like infrastructure virtualization and containerization have been developed to support the digitization of business operations. However, traditional IT tools need adaptation to manage the complexity of data from new containerized microservices.

These advancements are part of the cloud-native revolution, where observability has become crucial for managing and monitoring the performance of cloud-based systems.

Maintaining observability and control is essential for IT teams during cloud migration, ensuring a consistent user experience. This is particularly vital in the current hybrid work scenario with increasing reliance on cloud technologies.

Cloud observability enables organizations to track and enhance application performance throughout cloud migration. The absence of this can complicate the migration process, potentially impacting end-user experience and increasing cybersecurity threats.

via GIPHY

Cloud observability solutions assist businesses in complying with evolving rules surrounding data governance. Specifically designed to deal with the copious data generated in cloud-based settings, these platforms can effortlessly adjust to suit the specific needs of any organization.

Furthermore, these platforms offer increased flexibility in terms of collaboration and integration. They allow distributed teams to work seamlessly and interact with other systems, providing a more comprehensive cloud environment management. This assists businesses in identifying latent risks and limitations in their architectural challenges.

“We recognize the importance of localization in this multilingual region,” Lim emphasized. “As a result, we are actively pursuing language localization as part of our offerings. Additionally, we have sales and pre-sales resources deployed locally to better cater to the diverse needs of our customers. To better support our customers, we collaborated with leading partners to build a robust ecosystem catering to the region’s IT needs.”

SolarWinds’ first ITSM data center in Australia

As an integral aspect of SolarWinds’ global strategy, the APAC region is spotlighted for data center investment. A significant share of its APAC clientele is drawn from the public sector and financial services industry.

Lim highlights that data integrity and security are paramount within these sectors, leading to the decision to establish SolarWinds’ inaugural APAC ITSM data center in Australia. This location allows customers to meet data sovereignty requirements.

The launch of the ITSM data center in Australia responds to the regional customers’ demand for data residency compliance without compromising user experience. The investment signifies SolarWinds’ regional growth in APJ and aligns with the establishment of the Asia-Pacific data center for SolarWinds Observability.

Regarding customer service and availability, customers stand to gain two critical benefits: compliance and speed.

“Besides complying with data sovereignty requirements, the new ITSM data center aims to bolster SolarWinds software as a service (SaaS) offering, extending availability to customers in Australia and throughout the Asia-Pacific and Japan (APJ) region. Doing so ensures lower latency for users, resulting in improved responsiveness, enhanced customer performance, and accelerated operations in the region,” Lim explained.

Key initiatives SolarWinds is planning for the APAC region

SolarWinds has previously elaborated on its intentions to reinforce its impact in the APAC region, emphasizing the role of the new SolarWinds platform in propelling the region’s digital transformation aims and empowering organizations to attain sustainable growth.

The company has outlined how SolarWinds Hybrid Cloud Observability could propel regional digital transformation efforts and empower businesses to enhance performance, availability, security, and digital experience across complex, diverse, distributed hybrid and cloud environments.

Hybrid Cloud Observability streamlines the transformation process through an integrated, comprehensive, and economical full-stack solution designed to provide end-to-end supervision of service delivery and component dependencies across ITOps, DevOps, and security teams. The platform enables businesses to transition from a reactive IT stance to a proactive one, increasing productivity and efficiency.

Watch the video below on the introduction of SolarWinds Hybrid Cloud Observability:

Currently, SolarWinds is strategizing to enhance local deployments and expand its sales and support services across various APAC nations, including China, Taiwan, Vietnam, and Indonesia. Lim explains that being closer to customers and partners allows SolarWinds to respond more effectively to their needs, guaranteeing optimal support for their digital transformation journeys.

“To enhance our channel partner ecosystem in APAC, we will enlist more specialized partners to help us achieve our strategic business goals for the region. To create a more robust market presence and increase demand, we will drive strategic sales and marketing initiatives with our partners,” Lim concluded.

---

---

---

---