What is the SolarWinds Hack?
The SolarWinds hack is one of the biggest cybercrimes committed in 2020: hackers inserted malicious code into software updates for the SolarWinds network management product Orion.
This is being called a ‘Supply Chain’ attack: Instead of directly targeting the federal government or a private organization’s network, the hackers attacked a third-party vendor, which supplies software to them. In this case, the target was an IT management software called Orion, supplied by the Texas-based company SolarWinds.
The Victims of the SolarWinds breach
According to several sources, including The Wall Street Journal, some big tech companies have been infected in the SolarWinds incident. The list of victims keeps getting bigger: Cisco, Intel, Nvidia, Belkin, Comcast (CCZ), McDonald’s (MCD), and VMware have all had computers on their networks infected with the malware, and there could be far more. The attackers behind the breaches also gained access to major US technology and accounting companies, the California Department of State Hospitals, and Kent State University.
Microsoft also reported that it was impacted by the hack. “Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious SolarWinds binaries in our environment, which we isolated and removed,” a Microsoft spokesperson said in a statement.
Cisco confirmed that it found the malicious software on some employee systems and a small number of laboratory systems. The company is still digging into it. “At this time, there is no known impact to Cisco offers or products,” a company spokesman said.
Deloitte, infected in late June according to the Wall Street Journal’s analysis, said it “has taken steps to address” the malware but hasn’t “observed indications of unauthorized access to our systems at this time.”
VMware said it found “limited instances” of the malicious software in its systems, but its “internal investigation has not revealed any indication of exploitation,” a spokesman said.
What to do to prevent data breaches?
In a recent interview on the Federal News Network podcast, Ron Ross (a fellow at the National Institute of Standards and Technology) said that everything comes down to system security engineering. Every system security engineering effort should be able to look at all the “ifs”. “What kinds of threats could happen in this case? And looking at those potential, what ifs, they can kind of project out the extent of the damage that could happen… But the important point is that you’re kind of wargaming ahead of time. You’re looking at the what ifs, and then you’re not always going to be surprised.”
List of protections you should have in place against this type of breach
- Quarterly Business Reviews And Security Risk Assessments
- Proactive Monitoring, Patching, Security Updates
- Data Breach And Cyber-Attack Response Plan
- Ransomware Backup And Disaster Recovery Plan
- A Mobile And Remote Device Security Policy
- More Aggressive Password Protocols
- Multi-Factor Authentication
- Web-Filtering Protection
- Cyber Security Awareness Trainings
- Protections For Sending/Receiving Confidential Information Via E-mail
- Secure Remote Access Protocols
- Dark Web/Deep Web ID Monitoring
Does your IT guy or provider use SolarWinds products to protect your data? The answer is you don’t know! That’s why only MOTIVA’s 77-point vulnerability audit can tell you if you would survive a data breach.