At the end of 2020 a cybersecurity company, FireEye, made a disturbing discovery. Their systems had been infected with malware. Cybercriminals had maintained access to their systems for at least 9 months, completely undetected. It was the beginning of an unfolding story that continues to rock the nation.
FireEye is a highly reputable cybersecurity company, and they were first alerted to suspicious activity when someone noticed two phones registered to one employee. Their investigation revealed a string of malicious code in their Orion software, which is created and maintained by the company SolarWinds. Orion is used by companies and federal agencies to monitor activity on a network. This malicious code gave hackers a “back door” into each private company and federal agency using the Orion software.
Corrupted software update spread massive infection
Through a complex process, hackers (allegedly Russian) replicated an Orion software update with the addition of 3500 undetectable lines of malicious code. SolarWinds released this altered and corrupted software update to all its Orion software clients, including private companies and federal agencies. The hackers rented space on domestic US servers to fly under the radar of the federal government’s international cybersecurity watchdog agencies, the National Security Agency (NSA) and the military's U.S. Cyber Command.
Federal agencies and private sector cybersecurity companies are still collaborating on the investigation into how and why this cyberattack happened, and how to prevent future attacks. Experts agree that the hackers’ novel techniques contributed to its devastating impact, and the federal government recently warned the private sector of increased cybersecurity threats.
Complacency is the biggest risk
Hackers are continually developing new strategies to gain access to a target’s network, servers, and computers. It’s a constant threat with lucrative rewards that shows no sign of slowing. There are news stories every few days about another cyberattack wreaking havoc on another business or organization. A school district in Missouri fell victim to ransomware and canceled in-person learning for the day. A company operating a huge pipeline ceased operation in the past week due to another cyber threat. You can’t help but hear about these stories repeatedly featured on the nightly news.
The SolarWinds cyberattack should be a wake-up call for all small business owners. Complacency is not an option because with cybersecurity it’s not a matter of if an attack will happen, but a matter of when an attack will happen. The SolarWinds cyberattack was simple and ruthless in its delivery through a routine software update. No one saw it coming! Federal government agencies and sophisticated cybersecurity companies were oblivious to what was going on in their own networks.
Do you know what is possibly operating on your own network? When was the last time you scanned your network and systems to proactively check your security? What measures do you have in place to protect your network? Do you have a plan in case you have a data breach of sensitive client data or valuable files?
It’s tempting to think that these attacks only happen to the “big guys” like SolarWinds, not a small business that has a lot less to steal. In fact, the opposite is true. 95% of all cyberattacks are aimed at small and medium businesses. Complacency is not an option for any small business owner.
The good news is that you’re not alone. Every single small business owner is facing a similar uphill battle trying to protect their business from cyberattacks. There are new cybersecurity solutions being developed for the latest threats, and tried-and-true network and endpoint protections are available. The first step is to get a baseline of where you are currently with your cybersecurity, and then make a plan to add any additional layers of protection needed.