Direct Technology Group Blog

Direct Technology Group provides professional IT Support and Network Services for Businesses around Deerfield Beach. Computer Services, Tech Support, IT Solutions and more!

We All Just Saw the Largest Cyberattack Ever - Here’s What You Should Know

We All Just Saw the Largest Cyberattack Ever - Here’s What You Should Know

Based on how the rest of the year has gone, it should come as no surprise that 2020 has come to an end with the news that the United States was targeted in the largest cyberespionage attack ever. Let’s go into what this attack signifies, and what we should all take away from it.

How Did the Attack Happen?

In short, an IT management company known as SolarWinds was breached back in March, affecting a massive number of organizations—18,000 in all. These organizations include the likes of Microsoft, Cisco, and FireEye, as well as many states and federal organizations, including:

  • The U.S. Department of State
  • The U.S. Department of the Treasury
  • The U.S. Department of Homeland Security
  • The U.S. Department of Energy
  • The U.S. National Telecommunications and Information Administration
  • The National Institutes of Health, of the U.S. Department of Health
  • The U.S. National Nuclear Security Administration

When the attackers gained access to SolarWinds’ network, they were able to use what is known as a supply chain attack to introduce their malware to these departments and organizations by pushing it through the company’s automatic software update system for their Orion products. These kinds of attacks can be particularly effective since the threat is introduced to an environment via a trusted application.

Making this situation worse, many SolarWinds customers had excluded Orion products from their security checks on SolarWinds’ recommendation to prevent their other security products from shutting them down due to the malware signatures that these security products contain.

While (at the time of this writing) it is unclear what the attackers responsible used this access to do, the potential ramifications are truly terrifying. While government departments were targeted, it also needs to be said that this attack could have potentially continued from the major providers like Microsoft and Cisco to their clients, and so on and so forth. That’s why there is still no estimate of this attack’s true scope.

This attack was seemingly only discovered when an employee at FireEye received an alert that their VPN credentials had been used from a new device, and a little digging revealed the much larger situation playing out.

This Wasn’t the Only Attack, Either

Another attack was also discovered on SolarWinds’ network when the company performed an internal audit of its systems. On December 18, a second malware was found to have used the same tactic to infiltrate SolarWinds, but as of this writing does not seem to come from the same source.

What This Needs to Teach Us

Frankly, the most important lessons to be learned here are painfully obvious. First off, cybersecurity needs to be prioritized above all else, and all potential threats should be considered a likelihood. After all, the U.S. government was warned about the viability of exactly this kind of threat back in 2018 by the Government Accountability Office.

Secondly, the concept of your employees being a huge part of your cybersecurity strategy needs to be reinforced. This was only discovered when an employee was alerted of unusual activity and took that alert seriously. Your team needs to know what they are looking out for, and how to proceed if they spot it.

It isn’t likely that the true extent of this situation will be clear to us for some time, but what should be clear is that we’ll be here to keep your IT as safe as we can, regardless. If you have any questions pertaining to your business’ technology, give Direct Technology Group a call at 954-739-4700.

How to Resolve the Most Prevalent Security Threat ...
Non-Technical Solutions for Team Collaboration
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 19 January 2021

Captcha Image

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Business Computing Cloud Efficiency Productivity Google Network Security Hackers Microsoft Data Malware Communication Software Workplace Tips Innovation Smartphones User Tips Business Miscellaneous Hardware Email IT Support Hosted Solutions Mobile Devices Backup Android communications Internet Small Business Users Computer Collaboration Ransomware Smartphone Network VoIP Mobile Device Cybersecurity Productivity Business Management Social Media Upgrade Managed IT Services Windows Outsourced IT Windows 10 Browser Passwords Holiday Managed Service IT Services Tech Term Microsoft Office Save Money Covid-19 Apps Cloud Computing Employer-Employee Relationship Bandwidth Windows 10 Automation Gadgets Business Continuity Office Facebook Quick Tips Phishing Managed IT Services Remote Marketing Chrome Saving Money Internet of Things Data Backup Disaster Recovery Wireless Wi-Fi Apple IT Support Health Gmail Mobile Device Management Information Networking Server Data Recovery Analytics Router Alert Office 365 Password Applications App Mobility Patch Management Office Tips Business Intelligence Managed Service Provider Computers Remote Computing Cybercrime Government Settings VPN Retail Hacking Data Breach Virtualization Access Control Going Green Twitter Recovery Laptop Excel Physical Security Blockchain BDR WiFi Data Management BYOD Law Enforcement Application Remote Work iPhone Battery Website Operating System Remote Monitoring Printer Humor Mobile Computing Conferencing Google Drive Environment Employee-Employer Relationship Word Workers Maintenance Safety Compliance Net Neutrality Entertainment Paperless Office Information Technology Lithium-ion battery Politics VoIP Big Data Spam Voice over Internet Protocol Mobile Office Telephone Systems Managed IT Service Virus Biometrics Value Artificial Intelligence End of Support History Social Engineering Mouse Bring Your Own Device Internet Exlporer Windows 7 Hosted Solution Education Streaming Media Training Fax Server The Internet of Things Telephone System Remote Monitoring and Management SharePoint Printer Server Dark Web Encryption Two-factor Authentication RAM Wireless Charging Managing Stress Remote Workers Tip of the week HIPAA Processor eWaste Hybrid Cloud Content Filtering Virtual Assistant Healthcare Company Culture Data Protection Cost Management User Error Sports How To Best Practice Data Security G Suite Virtual Reality Tech Terms Employees Shortcut Tablet Medical IT Scam Vendor Connectivity YouTube Business Technology Smart Technology Vulnerability Batteries Social Network Human Resources Cleaning Meetings Files Cortana DDoS PowerPoint Robot Telephony Hard Drives Tech Support IT solutions Data storage Payment Cards Customer Relationship Management Shadow IT Current Events Search Risk Management Customer Service Reputation Digital News Printers Mobile Proactive IT Google Maps Microsoft Office 365 Advertising Programming Staff Tactics Comparison Copy Reviews Taskbar Scams Holidays HaaS Unified Communications Online Shopping Customer Edge WIndows 7 Time Management Spotify Unified Threat Management Gig Economy National Security Authentication Private Cloud Websites Internet Explorer Specifications Paste Project Management Personal Information Virtual Private Network Security Cameras Flexibility Windows Media Player Analysis Analyitcs Chrome OS Cabling Gifts Updates Botnet Authorization Public Cloud Dongle Threat Lead Generation Insurance SaaS Notifications Co-Managed IT Wearables Legal Microsoft Teams Touchpad Hacker IT budget Remote Support Hiring/Firing Remote Control Managed IT Troubleshooting Printing Memes Science Relocation IT Management Phone System Staffing Management Electronic Health Records Windows XP User Spam Blocking Display File Management Update PDF Technology Tips Paper User Tip WannaCry IT Video Games Windows 8 Reporting File Sharing Remote Working Email Management Benchmarks Wearable Technology Managed Services Provider Outlook Social Backup and Disaster Recovery Ink Telecommuting Hard Drive Hosted Desktop E-Commerce Cables Black Market People Bloatware Network Attached Storage User Security Solid State Drive Webcam Bluetooth Recycling Running Cable Profitability SSD Millennials Processors Licensing Worker Uninterrupted Power Supply Firewall Payment Alerts GDPR Entrepreneur Server Management disposal Gadget PCI DSS Hard Disk Drive USB Eliminating Downtime Social Networking Inventory Downloads NarrowBand Tablets Spyware Travel Profiles instant Messaging Work/Life Balance Downtime Storage Machine Learning Regulations Compliance Video Avoiding Downtime Bitcoin Automobile Distribution Wireless Internet Mobile Security Trends Wireless Technology HP Live Streaming Computer Repair Vulnerabilities Amazon Computer Accessories Error Telecommute Sales Consultant Innovations OneNote Multi-Factor Security Distributed Denial of Service Fleet Management Help Desk e-waste A.I. Chromecast Voice over IP Memory Document Management WhatsApp Access IT Service Cryptocurrency Budget Plug-In Monitor Cameras Touchscreen Internet exploMicrosoft Data loss Database Knowledge Best Available Tip of the Week/Security Windows Server 2008 R2 Threats Antivirus Multi-Factor Authentication Certification Techology Movies eCommerce

Mobile? Grab this Article!

QR-Code dieser Seite