We live in the age of global interconnectivity. As powerful and positive as it can be, it can also be dangerous and destructive. That’s what we learned recently when the United States experienced one of the most invasive hacks in our history. What the SolarWinds experience has taught us, when it comes to cybersecurity, is to trust no one.
If you missed it, here’s a quick overview of what went down:
First, it was discovered that hackers had found a way into government, Fortune 500 companies and more using malware attached to software updates for SolarWinds’ Orion, an IT management program. It’s a new trend, in which hackers go after their targets indirectly through vendors, finding ways in that aren’t as obvious as the front door. This particular entryway was clever because larger companies or institutions running large numbers of networks and desktops likely have multiple IT management systems in place, and often an umbrella system over all of those. In this case, Orion was that trusted top level. What was supposed to be a source of truth was the weakness that let the hackers in.
To make matters worse, the infiltration wasn’t discovered right away. The investigation seems to indicate hackers were in SolarWinds’ systems for at least nine months. Email accounts were compromised, which got them into other email accounts, and the cascade of potential impact continued. What makes this situation more concerning is that since the story first broke, SolarWinds has admitted to discovering three additional vulnerabilities that led them to push out security patches.
Thankfully, Microsoft recognized the initial attack was dependent on a domain name. Once the domain was identified, they took steps to kill it and put code in place within impacted systems to contain and isolate the malicious code. If they hadn’t, things could have been even worse.
Now the challenge is to figure out what the hackers did while inside. Were they just watching? Unlikely. Were other pieces of malware planted that will continue to steal information or even threaten system functions if a piece of code is triggered? It’s like finding out someone was living in your attic undetected. You know they’ve probably been there long enough to see some things and do some damage. But just how much, you don’t know.
The lesson learned through all of this is that in our digital world, you can never let down your guard. Cybersecurity and the strategy and tactics to protect your business and brand are constantly evolving and demand respect. Having the right partner to help ensure you’re always at the ready can be critical to success.