Some of the most important agencies within the United States government have been under attack for months. You didn’t see the attacks because they didn’t come from guns and missiles. They came from malware that snuck onto government networks through a third-party application.
At this point, the government hasn’t yet released information about what cyber terrorists may have stolen from some of the world’s most sensitive agencies, but it’s clear the attack will have repercussions on business cybersecurity throughout the country.
SolarWinds has been a reliable network monitoring company since 1999. Several agencies within the United States government rely on SolarWinds for cybersecurity services. Some of the company’s clients include the Department of Defense, the Federal Reserve, the Secret Service, the Office of the President of the United States, and the National Security Agency.
Companies that work with SolarWinds include Microsoft, Ford, Visa, Lockheed Martin, and PwC.
These organizations rely on top security measures to protect some of the nation’s most sensitive information. For decades, it seemed that SolarWinds could provide adequate protection. Doubts quickly emerged in December, however, when a large-scale hack attacked about 33,000 users of the company’s product, Orion.
Unsurprisingly, SolarWinds’ stock price fell from $23.55 to $14.18 within just one week.
A Sophisticated Attack Against the United States
The SolarWinds attack on U.S. federal agencies seems to have taken a radically different—and much more sophisticated—approach to infiltrating secured systems than many of the other cyber attacks that occurred in 2020.
Instead of the common methods of phishing, social engineering, or even a ransomware attack, the cyber criminals used a method called a supply chain attack. In a supply chain attack, hackers look for vulnerabilities in third-party applications or connections. They can exploit the security vulnerability to attack systems using the application.
In the SolarWinds attack, hackers identified a vulnerability in the Orion platform that gave them access to thousands of systems that used the software. Recent evidence shows that the hackers may have had access since the spring of 2020. Criminals likely had some level of access to sensitive government data for at least eight months.
The latest information shows that the Russian-backed hacker group known as APT29 or Cozy Bear is likely responsible for the attack. This group has been accused of attacks since 2014, with targets including the Pentagon in 2014, Democratic National Committee in 2016, Norwegian Government in 2017, and various sources of COVID-19 vaccine data in 2020.
What Does the SolarWinds Attack Say about Business Cybersecurity?
For obvious reasons, most people are concerned about the attack’s effect on the U.S. government. However, businesses also have a lot to learn from the SolarWinds supply chain attack.
As an IT management organization, SolarWinds certainly had cybersecurity measures in place, just as the other organizations targeted through the breach do. But this dedicated attack still made its way through.
Normal businesses likely won’t face an attack as carefully planned and devastating, but the attack proves the importance of cybersecurity for every organization.
Third-Party Vendors Can Open Vulnerabilities
Nearly all businesses work with third-party vendors. Imagine trying to run a business successfully without relationships with suppliers, vendors, and other business partners.
You cannot eliminate the business cybersecurity threat of working with third-party vendors, nor the other day-to-day cyber threats that are present in our digital world. But you can minimize them and take proactive steps to protect your systems. A trusted managed IT services provider can lower risks by:
- Scanning your system for weaknesses and using constant monitoring to quickly identify threats and suspicious activity
- Using penetration testing to find vulnerabilities in your system
- Providing user training to significantly reduce the chance of falling prey to socially engineered attacks
- And much more.
The hackers behind the SolarWinds attack had exceptional skills and patience. Very few cybercriminals have the ability to commit such a coordinated, under-the-radar attack. It’s very unlikely that you will need to protect your system from that level of sophistication. Managed business cybersecurity services might not always have the ability to locate such extraordinary attacks, but they can eliminate most attempts that come through third-party vendors.
Another Business Cybersecurity Tool: The Zero-Trust Policy
Zero-trust security policies can be another tool to protect your systems, especially in the case of outside threats. They take a position of extreme caution rather than trust when it comes to allowing access to your systems and accounts. Everything faces intense scrutiny before gaining authorization, and access is limited to only necessary users.
You can’t prevent all attacks, but you can manage risk and eliminate the problem as quickly as possible with the help of experienced cybersecurity professionals.
Get the Managed Security Services Your Business Deserves
Don’t take any risks with your business cybersecurity. Contact Tolar Systems today to learn more about how to implement a layered security plan to best protect your business.