32.Lock Code Circular

The Linux Foundation has offered suggestions on how we can avoid SolarWinds type attacks in the future. Doing so won't be easy - but it must be done.


One of the most irritating things about the SolarWinds attack was that the Russian crack went unnoticed from March to December 2020. During that time, the Russian government's SolarWinds hack was opening the door to the secrets of numerous top American government agencies and tech companies. Even now, we're still trying to get our minds around just how widespread and bad the SolarWinds cracks were. 

The root causes of this crack were a dangerous set of software supply-chain failures. It's too late for anything but damage control for SolarWinds, but The Linux Foundation has found several lessons to make sure your programs, whether open source or proprietary, avoid SolarWinds-style disasters.