Blog

SolarWinds Hack - Everything You Need to Know About The Largest Cyber Attack of All Time

SolarWinds Hack - Everything You Need to Know About The Largest Cyber Attack of All Time

True to form, 2020 has given us a final parting gift: the news that the United States was targeted this year by the biggest cyberespionage attack ever. Let’s go into the ramifications of this attack, and what it should teach us going forward.

 How Did the Attack Happen?

In short, an IT management company known as SolarWinds was breached back in March, affecting a massive number of organizations—18,000 in all. These organizations include the likes of Microsoft, Cisco, and FireEye, as well as many states and federal organizations, including:

  • The U.S. Department of State
  • The U.S. Department of the Treasury
  • The U.S. Department of Homeland Security
  • The U.S. Department of Energy
  • The U.S. National Telecommunications and Information Administration
  • The National Institutes of Health, of the U.S. Department of Health
  • The U.S. National Nuclear Security Administration

When the attackers gained access to SolarWinds’ network, they were able to use what is known as a supply chain attack to introduce their malware to these departments and organizations by pushing it through the company’s automatic software update system for their Orion products. These kinds of attacks can be particularly effective since the threat is introduced to an environment via a trusted application.

Making this situation worse, many SolarWinds customers had excluded Orion products from their security checks on SolarWinds’ recommendation to prevent their other security products from shutting them down due to the malware signatures that these security products contain.

While (at the time of this writing) it is unclear what the attackers responsible used this access to do, the potential ramifications are truly terrifying. While government departments were targeted, it also needs to be said that this attack could have potentially continued from the major providers like Microsoft and Cisco to their clients, and so on and so forth. That’s why there is still no estimate of this attack’s true scope.

This attack was seemingly only discovered when an employee at FireEye received an alert that their VPN credentials had been used from a new device, and a little digging revealed the much larger situation playing out.

This Wasn’t the Only Attack, Either

Another attack was also discovered on SolarWinds’ network when the company performed an internal audit of its systems. On December 18, a second malware was found to have used the same tactic to infiltrate SolarWinds, but as of this writing does not seem to come from the same source.

What This Needs to Teach Us

Frankly, the most important lessons to be learned here are painfully obvious. First off, cybersecurity needs to be prioritized above all else, and all potential threats should be considered a likelihood. After all, the U.S. government was warned about the viability of exactly this kind of threat back in 2018 by the Government Accountability Office.

Secondly, the concept of your employees being a huge part of your cybersecurity strategy needs to be reinforced. This was only discovered when an employee was alerted of unusual activity and took that alert seriously. Your team needs to know what they are looking out for, and how to proceed if they spot it.

While we likely will not know how deeply this threat went for some time, you can at least be sure that White Mountain IT Services is here to help keep your IT as safe as possible. If you have any questions for us regarding your business’ technology, do not hesitate to give us a call at 603-889-0800.

Related Posts

Cybersecurity has changed considerably since 2017, and any business that wants to survive in the evolving online environment needs to consider how they are protecting their assets. We want to take a look at precisely how cybersecurity has changed sin...
Security is one of the most important parts of running a business, especially today when organizations rely so heavily on their technology solutions. Some of the most dangerous threats lurk on a business’s network, watching and waiting for an opportu...
In light of all the data leaks and vulnerabilities that have been brought to light over the past few years, network security has to be a priority for every business. One problem many organizations have is that while they are protecting their network ...
Anyone who uses the Internet has to be aware of the dangers involved. Beyond the safety of your network’s security solution, there lies a horde of malicious entities just waiting for you to let your guard down. All it takes is one moment to release t...
Mobile devices continue to be an important part of doing business, and organizations are ready and willing to accept them into the workplace environment with open arms. Yet, the fact remains that doing so can be of significant risk. Believe it or not...
The reliance the modern business has on its IT cannot be understated. As a result, to keep their computing network and infrastructure running efficiently, companies need to have a network and cybersecurity policy in place. With the development and us...
Cybersecurity is one of the most talked about problems facing the modern business. This is because cybercrime has increased precipitously while businesses have moved more of their processes onto the computer. Planning how to protect your business’ cr...
Even the most innocent Internet user can fall victim to the stray hacking attack, and it’s all thanks to the manner in which malware reverse-engineers software. This process is how a hacker finds vulnerabilities in software. However, a new security c...
Databases are exceptionally useful for allowing access to important data, but they by default expose data to risks depending on how they are stored. If a database is stored in the cloud, for example, it could potentially be exposed to threats that pu...
Security has never been easy for any business that deals with sensitive information. Nowadays, even a small business that uses an Internet connection has to worry about hackers and malware of all types. This is especially problematic for small health...
The online world is a scary place. Viruses, malware, spyware, adware, and more are all out there trying to get at your network. These threats are almost always prevalent, but compared to each other, some are vastly superior and far more dangerous and...
While security experts tend to focus the brunt of their discussions on desktop OS vulnerabilities, there are plenty of mobile malware threats that fly under the radar. One such malware is called Hummer; a trojan that installs unwanted apps and malwar...

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our office in NH.  For locations outside of our service area, we will manage a local vendor to provide onsite assistance when needed.

 

Onsite Computer Support Services are available to businesses within 100 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

 

White Mountain IT Services
33 Main Street, Suite 302
Nashua, New Hampshire 03064

 

603-889-0800

map nashua4 1

 

Open Positions