Feb 2021
48m 28s

Anatomy of a Hack: SolarWinds and Ripple...

Andreessen Horowitz
About this episode

In this special “3x”-long episode of our (otherwise shortform) news analysis show 16 Minutes -- past such 2-3X explainer episodes have covered Section 230, TikTok, GPT-3, the opioid crisis, more -- we cover the SolarWinds hack, one of the largest (if not the largest!) publicly known hacks of all time... and the ripple effects are only now starting to be revealed. Just this week, the U.S. Cybersecurity and Infrastructure Security Agency shared (as reported in the Wall Street Journal) that approximately 30% of both private-sector and government victims linked to the hack had no direct connection to SolarWinds. So who was compromised, do they even know, can they even know?!

Because this hack is a supply-chain compromise involving various third-party software and services all connected together in a "chain of chains", the knock-on effects of it will be revealed (or not!) for years to come. So what do companies -- whether large enterprise, mid-sized startup, or small business -- do? What actually happened, and when does the timeline really begin? While first publicly revealed in December 2020 -- we first covered the news in episode #49 here when it first broke, and there have been countless headlines since (about early known government agency victims, company investigations, other tool investigations, debates over who and how and so on) -- the hack actually began not just a few months but years earlier, involving early tests, legit domains, and a very long game.

We help cut through the headline fatigue of it all, tease apart what's hype/what's real, and do an "anatomy of a hack" step-by-step teardown -- the who, what, where, when, how; from the chess moves to technical details -- in an in-depth yet accessible way with Sonal Chokshi in conversation with a16z expert and former CSO Joel de la Garza and outside expert Steven Adair, founder and president of Volexity. The information security firm (which specializes in incident response, digital forensics/memory analysis, network monitoring, and more) not only posted guidance for responding to such attacks, but also an analysis based on working three separate incidents involving the SolarWinds hackers. But how did they know it was the same group? And why was it not quite the perfect crime?

image: Heliophysics Systems Observatory spacecraft characterize, in the highest cadence, the constant stream of particles exploding from the sun affect Earth, the planets, and beyond via NASA Goddard Space Flight Center / Flickr
