You are here: Blog Josh Coppage Tip of the Week: Easily Alter Individual App Volumes in Windows 10

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Print

Huge Cybersecurity Breach Affecting Major U.S. Organizations is the Biggest One Yet

Voyage Technology Blog Alerts
0 Comments
Huge Cybersecurity Breach Affecting Major U.S. Organizations is the Biggest One Yet

Honestly, it shouldn’t be surprising that 2020 has come to an end with news of a massive cyberespionage attack—the biggest ever, as a matter of fact. Let’s dive into what we know, and what it signifies.

 How Did the Attack Happen?

In short, an IT management company known as SolarWinds was breached back in March, affecting a massive number of organizations—18,000 in all. These organizations include the likes of Microsoft, Cisco, and FireEye, as well as many states and federal organizations, including:

  • The U.S. Department of State
  • The U.S. Department of the Treasury
  • The U.S. Department of Homeland Security
  • The U.S. Department of Energy
  • The U.S. National Telecommunications and Information Administration
  • The National Institutes of Health, of the U.S. Department of Health
  • The U.S. National Nuclear Security Administration

When the attackers gained access to SolarWinds’ network, they were able to use what is known as a supply chain attack to introduce their malware to these departments and organizations by pushing it through the company’s automatic software update system for their Orion products. These kinds of attacks can be particularly effective since the threat is introduced to an environment via a trusted application.

Making this situation worse, many SolarWinds customers had excluded Orion products from their security checks on SolarWinds’ recommendation to prevent their other security products from shutting them down due to the malware signatures that these security products contain.

While (at the time of this writing) it is unclear what the attackers responsible used this access to do, the potential ramifications are truly terrifying. While government departments were targeted, it also needs to be said that this attack could have potentially continued from the major providers like Microsoft and Cisco to their clients, and so on and so forth. That’s why there is still no estimate of this attack’s true scope.

This attack was seemingly only discovered when an employee at FireEye received an alert that their VPN credentials had been used from a new device, and a little digging revealed the much larger situation playing out.

This Wasn’t the Only Attack, Either

Another attack was also discovered on SolarWinds’ network when the company performed an internal audit of its systems. On December 18, a second malware was found to have used the same tactic to infiltrate SolarWinds, but as of this writing does not seem to come from the same source.

What This Needs to Teach Us

Frankly, the most important lessons to be learned here are painfully obvious. First off, cybersecurity needs to be prioritized above all else, and all potential threats should be considered a likelihood. After all, the U.S. government was warned about the viability of exactly this kind of threat back in 2018 by the Government Accountability Office.

Secondly, the concept of your employees being a huge part of your cybersecurity strategy needs to be reinforced. This was only discovered when an employee was alerted of unusual activity and took that alert seriously. Your team needs to know what they are looking out for, and how to proceed if they spot it.

It is going to be some time before it becomes clear how deeply this threat went, assuming it ever does. Regardless, we want you to remember that Voyage Technology is here to help protect your business from as many IT issues as possible so that you can be more productive. To find out more about what we offer, give us a call at 800.618.9844 today.

Tweet
Tags:
Security Network Security Vendor
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 06 November 2025

Captcha Image

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Data Business Computing Business Productivity Software Innovation Cloud Hackers Network Security Efficiency Hardware User Tips Internet Malware IT Support Privacy Google Email Workplace Tips Computer Phishing Collaboration IT Services Hosted Solutions Users Workplace Strategy Ransomware Mobile Device Microsoft Small Business Quick Tips Passwords Backup Cybersecurity Saving Money Communication Productivity Data Backup Managed Service Smartphone Android Upgrade Business Management VoIP Smartphones Data Recovery Mobile Devices communications Disaster Recovery Windows Browser AI Social Media Microsoft Office Managed IT Services Current Events Network Remote Tech Term Internet of Things Facebook Information Automation Artificial Intelligence Miscellaneous Gadgets Cloud Computing Covid-19 Holiday Training Remote Work Server Managed Service Provider Outsourced IT Compliance Encryption Spam Employee/Employer Relationship IT Support Office Windows 10 Government Data Management Business Continuity Virtualization Blockchain Wi-Fi Business Technology Windows 10 Bandwidth Data Security Apps Vendor Two-factor Authentication Mobile Office Apple Networking App Employer-Employee Relationship BYOD Mobile Device Management Tip of the week Chrome Gmail Managed Services Budget Voice over Internet Protocol WiFi How To BDR HIPAA Computing Hacker Applications Information Technology Avoiding Downtime Marketing Access Control Office 365 Conferencing Bring Your Own Device Big Data Managed IT Services Operating System Computers Router 2FA Virtual Private Network Risk Management Website Health Help Desk Office Tips Analytics Augmented Reality Retail Storage Password Healthcare The Internet of Things Scam Data loss Social Cooperation Free Resource Project Management Windows 7 Going Green Patch Management Save Money Microsoft 365 Remote Monitoring Vulnerability End of Support Customer Service Vendor Management Solutions Cybercrime Windows 11 Physical Security Display Printer Excel Paperless Office Infrastructure Monitoring Firewall Document Management Remote Workers Telephone Mouse iPhone Licensing Entertainment Administration Vulnerabilities Images 101 Telephone System Multi-Factor Authentication Robot Mobility Customer Relationship Management Cost Management Settings Printing Wireless Content Filtering Hacking IT Management Presentation VPN Employees YouTube Meetings Integration Cryptocurrency Wireless Technology User Tip Modem Supply Chain Computer Repair Mobile Security Processor Virtual Desktop Holidays Data storage LiFi Data Storage Word Smart Technology Outlook Video Conferencing Machine Learning Managed Services Provider Money Saving Time Virtual Machines Professional Services Humor Managed IT Service Data Privacy Safety Maintenance Antivirus Sports Downloads Browsers Smartwatch Education Connectivity IT Social Engineering Break Fix IT Maintenance Remote Computing Azure Business Intelligence Upload Procurement Mobile Computing Social Network Telework Cyber security Multi-Factor Security Tech Shortcuts CES Tablet IoT Communitications Search Dark Web Ransmoware Alert Vendors Application Best Practice Trends Supply Chain Management Managed IT Customer Resource management FinTech Buisness File Sharing Regulations Dark Data Google Calendar Term Be Proactive IBM Legal Data Analysis IT solutions Star Wars IT Assessment How To Microsoft Excel Workforce Notifications Staff Value Threats Business Growth Gamification Flexibility Organization Travel Social Networking Legislation Workplace Strategies Techology Fileless Malware Digital Security Cameras Google Maps Smart Devices Cortana Meta Wearable Technology Memory Amazon Alt Codes Content Remote Working Competition Health IT Downtime Unified Threat Management Motherboard Data Breach Comparison Google Play Unified Threat Management Directions Videos Hosted Solution Assessment Electronic Health Records Permissions Outsource IT Wasting Time Environment Media Typing Trend Micro Network Congestion Specifications Security Cameras Small Businesses Google Drive User Error Microchip User Internet Exlporer Software as a Service Knowledge Fraud Username Managing Costs Displays Point of Sale eCommerce 5G Black Friday SSID Experience Virtual Assistant Outsourcing IP Address Google Docs Unified Communications Database Surveillance Bitcoin Network Management Running Cable Tech Support IT Technicians Virtual Machine Google Wallet Proxy Server Reviews Cookies Monitors Cyber Monday Medical IT Workplace Hotspot Transportation Hiring/Firing Recovery Tactics Development Hard Drives Windows 8 Laptop Websites Mirgation Hypervisor Paperless Domains Drones Shopping Nanotechnology Optimization PowerPoint Co-managed IT Electronic Medical Records Language Employer/Employee Relationships Technology Care SharePoint Addiction Refrigeration Management PCI DSS Halloween Chatbots Navigation Business Communications Public Speaking Lenovo Gig Economy Screen Reader Writing Distributed Denial of Service Scams Virtual Reality Computing Infrastructure Teamwork Hybrid Work Lithium-ion battery Service Level Agreement Internet Service Provider Hacks Server Management Regulations Compliance Entrepreneur Scary Stories Private Cloud Identity Evernote Human Resources Superfish Bookmark Identity Theft Smart Tech Memes Fun Cables Twitter Alerts SQL Server Deep Learning Download Net Neutrality Undo Financial Data Error History Google Apps

Blog Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015