It appears that this hack was done by first hacking their build server. During their build process the extra malicious code was slipped into the binaries.

How does one detect and prevent these types of processes?

How do we prevent as a community what happened to SolarWinds from happening to us?
One thing that might have helped was to use multiple suppliers for the same type of software. It might have limited the scope of the hack.
But, a supply chain attack is very hard to detect. The best you can do is to put honeypots on the network and hope an intruder tries to access them.

Also, security is a never-ending task. If someone wants to get in, they will. One has to be ready to meet the attacker at the door. In the same way that banks put security guards in branches, enterprises need to do something similar on networks.

I think the whole software supply chain will eventually have to meet a security rating that will show that the supplying company is meeting certain minimum requirements.

I don't know if it's still the case, but Windows NT had to meet a governmental security rating before it could be sold to the government. Seems to me like the government let that slip for other suppliers, or it just did not evolve fast enough to prevent the SolarWinds attack.

Also, in programming we have paired programmers to help with quality control. We might have to think about paired network security admins that help maintain quality control when dealing with the security of sensitive information. It's too easy for one person to skip steps. It's human nature to pick the shortest path.
First, don't make your password "solarwinds123". Second, don't post your password to GitHub.

Could SolarWinds have still been hacked without those two incredible displays of incompetence? Probably. But there's no point worrying about more sophisticated attacks if you can't stop the less sophisticated. The first step to not getting hacked is literally to not be *that* incompetent.