Sign In

Communications of the ACM

ACM Opinion

Why Was SolarWinds So Vulnerable to a Hack?


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
tiny open door within a secure door, illustration

Credit: Alex Merto / The New York Times

Bruce Schneier, a security technologist, is a fellow at the Belfer Center at the Harvard Kennedy School and a fellow at the Berkman Klein Center for Internet and Society at Harvard University.

Early in 2020, cyberspace attackers apparently working for the Russian government compromised a piece of widely used network management software made by a company called SolarWinds. The hack gave the attackers access to the computer networks of some 18,000 of SolarWinds's customers, including U.S. government agencies, nuclear research labs, government contractors, IT companies, and nongovernmental agencies around the world.

Who is at fault? The U.S. government deserves considerable blame, of course. But the modern market economy, which aggressively rewards corporations for short-term profits and aggressive cost-cutting, is also part of the problem.

The market encourages companies to make decisions in their private interest, even if that imperils the broader interests of society. The only way to force companies to provide safety and security features for customers and users is with government intervention.

From The New York Times
View Full Article – May Require Paid Registration


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account
ACM Resources