Google uses the plagued SolarWinds management software for its cloud service but says it was not impacted by the hack that penetrated large parts of the US government.
In such an attack, hackers enter a company through a supplier. The SolarWinds hack is an example, but a few years ago, something similar happened with NotPetya, a ransomware virus that was hidden in an update of popular Ukrainian accounting software.
Customers who download and install the update, often automatically, will immediately receive the malware.
It seems a bit that Google Cloud tries to appease its customers with the blog and to boost confidence in its own business.
IT companies have been trying to get us more and more ‘connected’ for years, and in the meantime, the software of many organizations is linked like a fine-meshed network. In such an environment, an attacker who can slip from one company to another is particularly terrifying.
Google Cloud, itself in principle a supplier to many companies, therefore puts even more pressure on the security measures that are embedded in the service, from special Titan Chips in servers to virtual machines that are protected.