The recent SolarWinds data breach is an example of what can happen if you aren’t careful. Even a big business can be susceptible if employees aren’t properly briefed on what they can do to avoid an account takeover or other form of security breach.
What Happened During the SolarWinds Breach?
SolarWinds is a national infrastructure and IT software business that has been breached via a Trojan horse system, through which cybercriminals infected over 18,000 companies.
SolarWinds runs an enterprise platform called Orion. Orion was attacked and compromised, meaning that the servers were able to be weaponized. This impacted 18,000 organizations, including government agencies and even Homeland Security.
This is a supply chain attack: compromising Orion was a clever way of getting at some really “big fish” companies that use it.
Hackers used malicious code for the account takeover, allowing them to enter the system and even change the code.
It’s not known exactly what the impacts will be in the long term. This is a large cyber warfare attack and could reveal a number of secrets. It’s also a way that attackers might expose weaknesses within organizations or access security information to exploit.
At the time of the attack, the US Cybersecurity and Infrastructure Security Agency issued a directive that advised their civilian agencies to “review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately”. This shows just how important this breach is in the scheme of data breaches.
SolarWinds has said it is closer to understanding how this data breach happened. Two customer support incidents have been identified as a possible part of the hacking campaign. The root cause has not totally been revealed yet as the malicious code is still being investigated. This breach is relatively new.
Some people have pointed the finger at Russia. Because the attack was very sophisticated, a small group of hackers may have struggled to carry it out, so a state-sponsored group trying to gain intelligence on the American government and its agencies could be a more likely answer.
The Kremlin has denied any involvement and there is currently no proof that the attack came from Russia. Whoever caused the so-called “SUNBURST” attacks has a lot of hacking power behind them, and this is cause for concern for the many companies and agencies that now have to heighten their cybersecurity.
How The Company Will Fight Back Against the Breach
Patches and updates were quickly put together to fight back against the breach and close the security holes. In theory, the SolarWinds Orion platform is safe to use again, but the loss of data has already been damaging enough.
SolarWinds has also vowed to work with “third-party cybersecurity experts” as they aim to improve their security and ensure that data breaches like this don’t happen again.
This is a timely reminder that people should take cybersecurity very seriously, and that even huge government agencies can be susceptible if there are large-scale attacks.
BIO: David Lukić is an information privacy, security and compliance consultant at IDstrong.com. The passion to make cyber security accessible and interesting has led David to share all the knowledge he has.