Get Started Today!  (415) 295-4898

croom new

415 IT Blog

Here’s What You Need to Know About the Giant SolarWinds Cyberattack

Here’s What You Need to Know About the Giant SolarWinds Cyberattack

2020, unsurprisingly, has decided to go out with a bang, as it has been revealed that the United States was targeted in the largest cyberespionage attack to date. Let’s go over what this attack means, and how things will need to play out in the future.

How Did the Attack Happen?

In short, an IT management company known as SolarWinds was breached back in March, affecting a massive number of organizations—18,000 in all. These organizations include the likes of Microsoft, Cisco, and FireEye, as well as many states and federal organizations, including:

  • The U.S. Department of State
  • The U.S. Department of the Treasury
  • The U.S. Department of Homeland Security
  • The U.S. Department of Energy
  • The U.S. National Telecommunications and Information Administration
  • The National Institutes of Health, of the U.S. Department of Health
  • The U.S. National Nuclear Security Administration

When the attackers gained access to SolarWinds’ network, they were able to use what is known as a supply chain attack to introduce their malware to these departments and organizations by pushing it through the company’s automatic software update system for their Orion products. These kinds of attacks can be particularly effective since the threat is introduced to an environment via a trusted application.

Making this situation worse, many SolarWinds customers had excluded Orion products from their security checks on SolarWinds’ recommendation to prevent their other security products from shutting them down due to the malware signatures that these security products contain.

While (at the time of this writing) it is unclear what the attackers responsible used this access to do, the potential ramifications are truly terrifying. While government departments were targeted, it also needs to be said that this attack could have potentially continued from the major providers like Microsoft and Cisco to their clients, and so on and so forth. That’s why there is still no estimate of this attack’s true scope.

This attack was seemingly only discovered when an employee at FireEye received an alert that their VPN credentials had been used from a new device, and a little digging revealed the much larger situation playing out.

This Wasn’t the Only Attack, Either

Another attack was also discovered on SolarWinds’ network when the company performed an internal audit of its systems. On December 18, a second malware was found to have used the same tactic to infiltrate SolarWinds, but as of this writing does not seem to come from the same source.

What This Needs to Teach Us

Frankly, the most important lessons to be learned here are painfully obvious. First off, cybersecurity needs to be prioritized above all else, and all potential threats should be considered a likelihood. After all, the U.S. government was warned about the viability of exactly this kind of threat back in 2018 by the Government Accountability Office.

Secondly, the concept of your employees being a huge part of your cybersecurity strategy needs to be reinforced. This was only discovered when an employee was alerted of unusual activity and took that alert seriously. Your team needs to know what they are looking out for, and how to proceed if they spot it.

Unfortunately, the full extent of this threat will not be clear to us until much later, but what is clear is that we’ll be here to keep your business’ IT as secure as possible. To learn more about what we can do for your business and its security, take a few moments to give us a call at (415) 295-4898.

Let’s Take a Look at Some Popular Internet Scams
Why You Need to Prioritize Backup and Recovery


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, January 19 2021

Captcha Image

By accepting you will be accessing a service provided by a third-party external to

Mobile? Grab this Article

QR Code

Tag Cloud

Security Tip of the Week Technology Productivity Business Computing Best Practices Data IT Support Data Backup Network Security Privacy Hosted Solutions Cloud IT Services Efficiency Data Recovery Internet Software Email Managed IT Services Business Mobile Device Malware Collaboration Google Phishing Small Business User Tips Innovation Outsourced IT Hackers Cloud Computing Cybersecurity Business Management Smartphone Hardware Tech Term Upgrade Communication Managed Service Computer Microsoft Mobile Devices Android Business Continuity Workplace Tips Windows 10 Covid-19 Smartphones VoIp Backup Quick Tips Ransomware Disaster Recovery Paperless Office Managed Service Provider Remote Work Encryption Communications Network Users Office 365 Business Technology Saving Money Wi-Fi Passwords Data Management Browser Server Managed IT Artificial Intelligence Help Desk Social Media Internet of Things Remote Monitoring BDR Windows 7 Vulnerability Save Money Holiday Healthcare Document Management Government Compliance Windows Data Security Automation Applications Blockchain Facebook Scam Chrome Miscellaneous Laptops Managed IT services Microsoft Office Vendor Management Gadgets Avoiding Downtime Information Antivirus Project Management Virtualization Two-factor Authentication Employer-Employee Relationship Redundancy Processor Office Mobile Office Health Analytics Tip of the week Remote Bandwidth Wireless Regulations Information Technology IoT IT Management BYOD Training RMM OneDrive Managed Services Hard Drive Customer Relationship Management Proactive Meetings Router Infrastructure Storage Data Loss Software as a Service Net Neutrality Maintenance Machine Learning VPN Networking Website Employee-Employer Relationship Company Culture Mobility Files Access Control Virtual Private Network Apps Unified Communications Management Professional Services File Sharing Assessment Word Spam Patch Management Data Breach Gmail The Internet of Things Network Management Cooperation Risk Management Data Storage Monitoring WiFi Consultation Money Vendor Bring Your Own Device HIPAA Utility Computing Remote Worker Remote Monitoring and Management Social Network Alert Financial Time Management Tablet Operating System Password Remote Computing Internet Exlporer Dark Web Augmented Reality Employees Smart Technology Electronic Health Records Instant Messaging Unified Threat Management Computing Consulting Downtime Recycling File Management Holidays Search Co-Managed IT Managed Services Provider Payment Cards Server Management Mobile Security Display Remote Workers Flexibility Managing Stress Laptop Asset Tracking IT Consulting Backup and Disaster Recovery Distributed Denial of Service Teamwork Optimization Samsung Read Only Security Cameras Legislation Cybercrime Cyber security MSP Finance Specifications Return on Investment Nanotechnology Wires Banking Point of Sale SharePoint Tech Terms Options Telephone Chatbots Video Conferencing Digital Payment Websites Hotspot Mobile Computing PCI DSS Mail Merge User Error Operations Mirgation Business Telephone Superfish Conferencing Database Management Enterprise Content Management Remote Working Human Error Managed IT Service Shared resources Going Green Wearable Technology Star Wars Virtual Machines Printing Authentication Black Friday Settings Personal Information App Reviews E-Commerce Downloads Theft 5G Mobile VoIP Identity Theft Enterprise Resource Planning Biometric Mouse SaaS Language Virtual Assistant Bitcoin Geography Address Electronic Medical Records Manufacturing Cache IT Assessment GDPR Social Networking Budget OneNote Permission Break Fix Batteries Credit Cards Techology Authorization Touchscreen Cyber Monday Hacking Staff Transportation Active Directory Screen Reader End of Support Features Permissions Wireless Internet Big Data Identity Gamification Politics Computing Infrastructure Wasting Time Current Events Modem High-Speed Internet CRM Microsoft Excel Smart Devices Digitize Heating/Cooling G Suite How To Technology Laws Test CIO applications Tech Support Computers Private Cloud Outlook WPA3 Disaster Resistance Trending Windows Server Smart Tech Windows Server 2008 Gifts Emergency Multi-Factor Security Procurement Google Calendar Fraud Employer/Employee Relationships Apple Mobile Statistics Alerts Database Development Content Filtering Printer Hard Disk Drives Sensors Shadow IT Travel Servers Notes Motherboard Chromebook Unified Threat Management Virtual Reality IT Technicians Cost Management Bookmarks ROI Outsource IT Shortcut Fleet Tracking Proactive IT Zero-Day Threat Firewall User Management Connectivity Hacker Cyberattacks Social Proactive Maintenance Solid State Drive Customer Service Comparison Bluetooth Licensing Voice over Internet Protocol Projects Cookies Cables Mobile Device Management Recovery Solid State Drives Migration eWaste Outsourcing Technology Tips PowerPoint Vulnerabilities Peripheral Data Warehousing Value of Managed Services IT Lenovo Favorites CES Marketing Printers Education Regulation CEO Students Daniel Stevens Twitter

Latest Blog

It isn’t often that you’ll hear a managed service provider say something like, “There’s no school like the old school.” In many ways, however, the basic principles of a solid business IT strategy haven’t changed all that much… despite the momentous changes that we’ve witness...

Latest News

We are proud to announce that 415 IT and our CEO, Daniel Stevens, were recently featured by CIO Applications. We discussed how and why we serve our clients, as well as some sneak peeks for our future. Read our interview by visiting:  https:...