Has Your Organization Been Breached By Solarwinds Malware?

Although mainstream media coverage of the massive Solarwinds hack seems to indicate the danger is over, the sophisticated hackers may still be hiding in plain sight.

Microsoft recently uncovered at least three strands of malware deployed by the alleged Russian hackers. This new revelation raises alarms across industries that the Solarwinds attacks may not be over. The question business professionals need answered is whether their network has been breached and whether cybercriminals are actively copying and selling digital assets on the dark web.

What Is The Solarwinds Hack?

Highly skilled cybercriminals reportedly penetrated a Solarwinds system known as “Orion.” These stealth hackers managed to insert malicious code into its software products, and that code was inadvertently distributed to the outfit’s 33,000 customers in the form of updates.

This code created secret backdoors that allow digital thieves and spies to infiltrate wide-reaching networks, including government agencies such as the Department of Homeland Security and Treasury Department, among others. The so-called Solarwinds attacks were not limited to government targets. Malicious code has been identified in private sector organizations, and the full breadth of the cyberattacks remains unknown.

So pervasive and potentially destructive is the Solarwinds attack that Congress held hearings to get a handle on its business and national security implications. Under intense questioning by lawmakers, an official from Solarwinds reportedly blamed the breach on an intern who ignored the corporation’s cybersecurity protocols. According to news reports, the intern used the weak password “solarwinds123” and posted it online. Cybersecurity experts attribute upwards of 95 percent of breaches to human error.

Who Has Been Impacted By The Solarwinds Attacks?

To say the attacks blindsided private businesses and government agencies would be something of an understatement. Government-vetted firms such as FireEye were compromised due to the sophisticated methods used to hide the malicious code in software updates. The widespread embarrassment from organizations previously considered among the most secure has led many to believe critical information continues to be withheld. Much of the information released about the devastating breaches fails to identify the organizations that have been breached.

On the one hand, working with Solarwinds as a vendor or customer does not necessarily mean that an organization suffered a breach. But by that same token, the supply chain nature of the cyber-attack suggests that outfits outside direct Orion software users could be infected right now. That’s largely because congressional hearings and investigative reports indicate the hackers possess heightened skills, appear well-funded, and demonstrate a determination to hide in networks as long as possible to pilfer digital assets and valuable personal data. Solarwinds appears to be an ongoing cybersecurity nightmare that should worry industry leaders.

How To Know If You Suffer A Solarwinds Breach?

As Microsoft and others continue to ferret out malicious strands of code, cybersecurity responses are being developed. Industry leaders who are concerned their organization may have been compromised have access to open-sourced CodeQL queries. These are being rolled out by Microsoft to investigate incidents of Solarwinds Orion malware lying hidden in networks.

Microsoft offers concerned parties free access to its cybersecurity software that was crafted to hunt down this malware. Decision-makers would also be wise to take the following proactive measures to ensure the integrity of their digital assets.

  • Enforce Strong Password Policies
  • Use Multi-Factor Authentication For Employee Login
  • Backup Data To Cloud & Offline Resources
  • Monitor Third-Party Controls & Interactions
  • Develop A Company-Wide Cybersecurity Policy
  • Require Employees To Undergo Cybersecurity Awareness Training
  • Maintain Enterprise-Level Firewalls & Virtual Private Networks

The Solarwinds attack highlights how clever, well-financed hackers can infiltrate seemingly impenetrable defenses such as the Department of Homeland Security. That’s why it’s essential for organizations to harden their cybersecurity defenses and deter emerging threats. However, the average business with even sound cybersecurity protections in place was no match for these Russian hackers. If you are concerned your network has been compromised through the Solarwinds supply chain or by other threat actors, contact a cybersecurity expert and have your system analyzed and penetration tested.
