Nexus IT Consultants’ Earl Foote and Tara Anderson recently appeared on Mountain Connections to talk about the SolarWinds Hack.
The US Government and numerous corporations around the world were hit by a devastating supply chain attack late last year. What is presumed to be a foreign state-sponsored cyber-military team injected dangerous code into an update of popular software developed by SolarWinds.
For a full breakdown of how this breach occurred, check out this recent episode of Mountain Connections, featuring Nexus IT Consultants’ Earl Foote and Tara Anderson.
In a filing with the SEC on December 14th, SolarWinds divulged that the hackers managed to infiltrate the system it uses to develop updates for its Orion product. They then inserted malicious code into the software update that was due for release.
This is known as a supply-chain attack, i.e., hackers compromise software during assembly and use it to attack different targets. What’s especially troubling about this attack is that it used software that was otherwise intended to help IT teams identify and mitigate threats just like it.
Likely the result of negligence in the federal government’s cybersecurity oversight, this attack was ongoing for more than nine months. To this day, the government is still investigating the extent of the attack.
According to SolarWinds, up to 18,000 out of its 33,000 Orion customers had already installed the tainted software by the time news of the breach broke. This number is too high to hack at once — even for a nation-state hacker group like Cozy Bear.
The attackers must have, therefore, prioritized high-end targets like federal agencies and multinational companies like Microsoft. However, even this doesn’t guarantee that they actually hacked these organizations.
“I would recommend everyone have a significantly heightened perspective when it comes to cybersecurity and your day-to-day interactions with technology,” said Earl on Mountain Connections.
The key lesson here is to make sure you don’t take any chances when it comes to your cybersecurity. It’s vital that you assume that you are a target and conduct an extensive network assessment to determine the risk levels. Key areas to focus on include traces of the malware, any backdoors, and signs of abnormal activities.
Not sure where to begin? Get in touch with the Nexus IT Consultants team.