Channel Futures

Security


SolarWinds Hackers Hit Malwarebytes, But Impact Limited to Internal Email

  • Written by Edward Gately
  • January 20, 2021
Abusing privileged access into a business application is an extremely common way to attack.

SolarWinds hackers have also targeted Malwarebytes, which became the fourth major cybersecurity firm to be attacked by this group.

Marcin Kleczynski, Malwarebytes' CEO and co-founder, disclosed the breach. Microsoft, FireEye and CrowdStrike also were targeted by the SolarWinds hackers. CrowdStrike fended off the attackers.

Malwarebytes’ Marcin Kleczynski

“While Malwarebytes does not use SolarWinds, we, like many other companies, were recently targeted by the same threat actor,” Kleczynski said. “We can confirm the existence of another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments. After an extensive investigation, we determined the attacker only gained access to a limited subset of internal company emails. We found no evidence of unauthorized access or compromise in any of our internal on-premises and production environments.”

No Impact to Malwarebytes Partners

A Malwarebytes spokesperson said the breach had no impact on the company’s partners.

“We received information from the Microsoft Security Response Center on Dec. 15 about suspicious activity from a third-party application in our Microsoft Office 365 tenant consistent with the tactics, techniques and procedures (TTPs) of the same advanced threat actor involved in the SolarWinds attacks,” Kleczynski said. “We immediately activated our incident response group and engaged Microsoft’s Detection and Response Team (DART). Together, we performed an extensive investigation of both our cloud and on-premises environments for any activity related to the API calls that triggered the initial alert. The investigation indicates the attackers leveraged a dormant email protection product within our Office 365 tenant that allowed access to a limited subset of internal company emails. We do not use Azure cloud services in our production environments.”

Malwarebytes’ software remains safe to use, he said.

More to Uncover

Randy Watkins is Critical Start's CTO.

Critical Start’s Randy Watkins

“From the report, Malwarebytes took appropriate and timely action after being notified of potentially malicious activity,” he said. “This attack validates what many inside the community have been saying since the discovery of the SolarWinds breach. We’re just starting to uncover the true scope. Cybersecurity providers, including ourselves, have begun to reassess their internal security measures to ensure the ability to quickly detect and respond to malicious behavior.”

Piyush Pandey is CEO at Appsian. He said abusing privileged access into a business application is an extremely common way to attack.

Appsian’s Piyush Pandey

“Many organizations leverage Microsoft Office 365 and Azure Active Directory,” he said. “And if an attacker identifies a vulnerability, the volume of attacks is likely to ramp up dramatically. This is why we recommend taking a defense-in-depth approach to securing business application data. This would include dynamic authorization to ensure privileged access could not be granted from a hostile country, reauthenticating users if they request access to sensitive data, applying data masking as much as possible at the UI level, and having granular visibility into data access and usage.”

Unfortunately, legacy business applications can’t do this out of the box, Pandey said. Therefore, organizations need supplemental solutions.

“IT and security leaders must take a hard look at their business applications and research a defense-in-depth strategy,” he said. “Otherwise, a data breach or data compromise is inevitable.”
