Your IT Support Experts

We partner with many types of businesses in the area, and strive to eliminate IT issues before they cause expensive downtime, so you can continue to drive your business forward. Our dedicated staff loves seeing our clients succeed. Your success is our success, and as you grow, we grow.

Home

About Us

IT Services

Knowledge Base

Blog

Contact Us

Support

01202 835880

Free Consultation

Interested in seeing what we can do for your business? Contact us to see how we can help you! Sign Up Today

Oh-Tech Blog

Huge Cybersecurity Breach Affecting Major U.S. Organizations is the Biggest One Yet

Huge Cybersecurity Breach Affecting Major U.S. Organizations is the Biggest One Yet

Honestly, it shouldn’t be surprising that 2020 has come to an end with news of a massive cyberespionage attack—the biggest ever, as a matter of fact. Let’s dive into what we know, and what it signifies.

 How Did the Attack Happen?

In short, an IT management company known as SolarWinds was breached back in March, affecting a massive number of organizations—18,000 in all. These organizations include the likes of Microsoft, Cisco, and FireEye, as well as many states and federal organizations, including:

  • The U.S. Department of State
  • The U.S. Department of the Treasury
  • The U.S. Department of Homeland Security
  • The U.S. Department of Energy
  • The U.S. National Telecommunications and Information Administration
  • The National Institutes of Health, of the U.S. Department of Health
  • The U.S. National Nuclear Security Administration

When the attackers gained access to SolarWinds’ network, they were able to use what is known as a supply chain attack to introduce their malware to these departments and organizations by pushing it through the company’s automatic software update system for their Orion products. These kinds of attacks can be particularly effective since the threat is introduced to an environment via a trusted application.

Making this situation worse, many SolarWinds customers had excluded Orion products from their security checks on SolarWinds’ recommendation to prevent their other security products from shutting them down due to the malware signatures that these security products contain.

While (at the time of this writing) it is unclear what the attackers responsible used this access to do, the potential ramifications are truly terrifying. While government departments were targeted, it also needs to be said that this attack could have potentially continued from the major providers like Microsoft and Cisco to their clients, and so on and so forth. That’s why there is still no estimate of this attack’s true scope.

This attack was seemingly only discovered when an employee at FireEye received an alert that their VPN credentials had been used from a new device, and a little digging revealed the much larger situation playing out.

This Wasn’t the Only Attack, Either

Another attack was also discovered on SolarWinds’ network when the company performed an internal audit of its systems. On December 18, a second malware was found to have used the same tactic to infiltrate SolarWinds, but as of this writing does not seem to come from the same source.

What This Needs to Teach Us

Frankly, the most important lessons to be learned here are painfully obvious. First off, cybersecurity needs to be prioritized above all else, and all potential threats should be considered a likelihood. After all, the U.S. government was warned about the viability of exactly this kind of threat back in 2018 by the Government Accountability Office.

Secondly, the concept of your employees being a huge part of your cybersecurity strategy needs to be reinforced. This was only discovered when an employee was alerted of unusual activity and took that alert seriously. Your team needs to know what they are looking out for, and how to proceed if they spot it.

It is going to be some time before it becomes clear how deeply this threat went, assuming it ever does. Regardless, we want you to remember that Oh-Tech is here to help protect your business from as many IT issues as possible so that you can be more productive. To find out more about what we offer, give us a call at 01202 835880 today.

Security Tips That Will Help You Hold Your Own
Getting the Right Amount of Bandwidth Can Open New...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Wednesday, January 27, 2021

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://oh-tech.co.uk/

We Provide Managed IT Support Services for Businesses In:

  • Bournemouth 
  • Poole
  • Christchurch
  • Ringwood
  • Salisbury
  • Dorchester
  • Southampton
  • Portsmouth

And all throughout the UK

News & Updates

 Many businesses have turned to the productivity suite as they’ve added more and more useful tools. Traditionally, the productivity suite came with a word processor, spreadsheet program, note-taking program, and presentation software. Today, we will take a look at the variables that decision makers need to confront when choosing the right productivity suite for their business.

Contact Us

Learn more about what Oh-Tech can do for your business.

Oh-Tech
30E Chalwyn Industrial Estate
Poole, BH12 4PE

Terms & Conditions