fbpx
Mytek Logo
MyTek Logo

SolarWinds Hack – Everything You Need to Know

by | Dec 28, 2020 | Alerts, MyTek Blog

Q

Subscribe To The Blog

By subscribing to the blog, you will be notified when a new blog post is created on the site.

SolarWinds Hack - Everything You Need to Know About The Largest Cyber Attack of All TimeSolarWinds Hack – Everything You Need to Know: True to form, 2020 has given us a final parting gift: the news that the United States was targeted this year by the biggest cyberespionage attack ever. Let’s go into the ramifications of this attack, and what it should teach us going forward.

 How Did the Attack Happen?

SolarWinds Hack – Everything You Need to Know: True to form, 2020 has given us a final parting gift: the news that the United States was targeted this year by the biggest cyberespionage attack ever. In short, an IT management company known as SolarWinds was breached back in March, affecting a massive number of organizations—18,000 in all. These organizations include the likes of Microsoft, Cisco, and FireEye, as well as many states and federal organizations, including:

  • The U.S. Department of State
  • The U.S. Department of the Treasury
  • The U.S. Department of Homeland Security
  • The U.S. Department of Energy
  • The U.S. National Telecommunications and Information Administration
  • The National Institutes of Health, of the U.S. Department of Health
  • The U.S. National Nuclear Security Administration

When the attackers gained access to SolarWinds’ network, they were able to use what is known as a supply chain attack to introduce their malware to these departments and organizations by pushing it through the company’s automatic software update system for their Orion products. These kinds of attacks can be particularly effective since the threat is introduced to an environment via a trusted application.

Making this situation worse, many SolarWinds customers had excluded Orion products from their security checks on SolarWinds’ recommendation to prevent their other security products from shutting them down due to the malware signatures that these security products contain.

While (at the time of this writing) it is unclear what the attackers responsible used this access to do, the potential ramifications are truly terrifying. While government departments were targeted, it also needs to be said that this attack could have potentially continued from the major providers like Microsoft and Cisco to their clients, and so on and so forth. That’s why there is still no estimate of this attack’s true scope.

This attack was seemingly only discovered when an employee at FireEye received an alert that their VPN credentials had been used from a new device, and a little digging revealed the much larger situation playing out.

This Wasn’t the Only Attack, Either

Another attack was also discovered on SolarWinds’ network when the company performed an internal audit of its systems. On December 18, a second malware was found to have used the same tactic to infiltrate SolarWinds, but as of this writing does not seem to come from the same source.

What This Needs to Teach Us

Frankly, the most important lessons to be learned here are painfully obvious. First off, cybersecurity needs to be prioritized above all else, and all potential threats should be considered a likelihood. After all, the U.S. government was warned about the viability of exactly this kind of threat back in 2018 by the Government Accountability Office.

Secondly, the concept of your employees being a huge part of your cybersecurity strategy needs to be reinforced. This was only discovered when an employee was alerted of unusual activity and took that alert seriously. Your team needs to know what they are looking out for, and how to proceed if they spot it.

While we likely will not know how deeply this threat went for some time, you can at least be sure that COMPANYNAME is here to help keep your IT as safe as possible. If you have any questions for us regarding your business’ technology, do not hesitate to give us a call at PHONENUMBER.

ABOUT THE AUTHOR

Tim - Team

Tim Tiller, LMSW

 
Tim Tiller, MSW brings a deep service background to his role at Mytek, having graduated from McDonald’s management training program, fresh out of high school, and working his way up through the ranks in the hospitality industry. He has led two prior companies – Multi-Systems Inc., an IT-focused organization providing technology to hospitality companies (where he was named President at age 36), and most recently, as Chief Operating Officer for Jewish Voice Ministries International.

Q

Subscribe To This Author

By subscribing to the author, you will be notified when a new blog post is created by the author.

AUTHOR’S RECENT POSTS

New Update Brings Windows 11 to Chrome

The Chrome browser from Google has recently gotten an update that is surprising users a little. Chrome can now change many menus to Microsoft Windows 11 style menus. You might be surprised to learn that Microsoft and Google are working together in some places....

Learning Telltale Signs of a Phishing Email Can Save Your Business

We know you’ve heard of phishing by now, and this threat is getting bigger and bigger as time passes. With this growth, phishing attacks are becoming harder than ever to identify. Sometimes, it can be really hard for businesses to tell the difference between phishing...

I Need My Computer Repaired, and I Need It Right Now

You’re working on a big project when all of the sudden your computer crashes. Uh oh. What do you do? Obviously, you should immediately reach out to support, but let’s look into how your acquisition of support might go, even if the issue at hand can’t be handled...

Mobile? Grab this Article!

QR Code

Blog Archive

Share This