You are here: Blog Josh Coppage Inefficiency Can Cripple Your Business. Here Are Two Tools That Can Keep Business Moving

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Print

Huge Cybersecurity Breach Affecting Major U.S. Organizations is the Biggest One Yet

Voyage Technology Blog Alerts
0 Comments
Huge Cybersecurity Breach Affecting Major U.S. Organizations is the Biggest One Yet

Honestly, it shouldn’t be surprising that 2020 has come to an end with news of a massive cyberespionage attack—the biggest ever, as a matter of fact. Let’s dive into what we know, and what it signifies.

 How Did the Attack Happen?

In short, an IT management company known as SolarWinds was breached back in March, affecting a massive number of organizations—18,000 in all. These organizations include the likes of Microsoft, Cisco, and FireEye, as well as many states and federal organizations, including:

  • The U.S. Department of State
  • The U.S. Department of the Treasury
  • The U.S. Department of Homeland Security
  • The U.S. Department of Energy
  • The U.S. National Telecommunications and Information Administration
  • The National Institutes of Health, of the U.S. Department of Health
  • The U.S. National Nuclear Security Administration

When the attackers gained access to SolarWinds’ network, they were able to use what is known as a supply chain attack to introduce their malware to these departments and organizations by pushing it through the company’s automatic software update system for their Orion products. These kinds of attacks can be particularly effective since the threat is introduced to an environment via a trusted application.

Making this situation worse, many SolarWinds customers had excluded Orion products from their security checks on SolarWinds’ recommendation to prevent their other security products from shutting them down due to the malware signatures that these security products contain.

While (at the time of this writing) it is unclear what the attackers responsible used this access to do, the potential ramifications are truly terrifying. While government departments were targeted, it also needs to be said that this attack could have potentially continued from the major providers like Microsoft and Cisco to their clients, and so on and so forth. That’s why there is still no estimate of this attack’s true scope.

This attack was seemingly only discovered when an employee at FireEye received an alert that their VPN credentials had been used from a new device, and a little digging revealed the much larger situation playing out.

This Wasn’t the Only Attack, Either

Another attack was also discovered on SolarWinds’ network when the company performed an internal audit of its systems. On December 18, a second malware was found to have used the same tactic to infiltrate SolarWinds, but as of this writing does not seem to come from the same source.

What This Needs to Teach Us

Frankly, the most important lessons to be learned here are painfully obvious. First off, cybersecurity needs to be prioritized above all else, and all potential threats should be considered a likelihood. After all, the U.S. government was warned about the viability of exactly this kind of threat back in 2018 by the Government Accountability Office.

Secondly, the concept of your employees being a huge part of your cybersecurity strategy needs to be reinforced. This was only discovered when an employee was alerted of unusual activity and took that alert seriously. Your team needs to know what they are looking out for, and how to proceed if they spot it.

It is going to be some time before it becomes clear how deeply this threat went, assuming it ever does. Regardless, we want you to remember that Voyage Technology is here to help protect your business from as many IT issues as possible so that you can be more productive. To find out more about what we offer, give us a call at 800.618.9844 today.

Tweet
Tags:
Security Network Security Vendor
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 11 June 2025

Captcha Image

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Business Computing Data Productivity Business Software Innovation Hackers Cloud Network Security User Tips Hardware Internet Efficiency IT Support Malware Privacy Google Email Computer Phishing Workplace Tips IT Services Collaboration Users Hosted Solutions Mobile Device Workplace Strategy Ransomware Quick Tips Small Business Microsoft Cybersecurity Communication Passwords Data Backup Saving Money Smartphone Backup Managed Service Business Management VoIP Smartphones Android Mobile Devices communications Upgrade Disaster Recovery Browser Data Recovery Managed IT Services Social Media Windows Microsoft Office Current Events Tech Term Network Remote Internet of Things Productivity Artificial Intelligence Automation Facebook Gadgets AI Cloud Computing Covid-19 Miscellaneous Server Remote Work Managed Service Provider Outsourced IT Information Holiday Compliance Encryption Spam Training Employee/Employer Relationship Windows 10 Office Data Management Business Continuity Government Windows 10 Business Technology Bandwidth Virtualization Wi-Fi Blockchain Apps Data Security Two-factor Authentication Vendor Mobile Office IT Support Chrome Gmail Budget Managed Services Voice over Internet Protocol Apple App Employer-Employee Relationship Networking BYOD Mobile Device Management Access Control Tip of the week WiFi Conferencing How To BDR Computing Hacker Information Technology Avoiding Downtime HIPAA Marketing Applications Office 365 Augmented Reality Health Help Desk Storage Password Bring Your Own Device Retail Big Data Healthcare Managed IT Services Operating System Computers Risk Management Website Router Virtual Private Network Analytics Office Tips Paperless Office Firewall Windows 11 Infrastructure Monitoring 2FA Excel The Internet of Things Document Management Remote Workers Social Telephone Scam Data loss Going Green Cooperation Free Resource Project Management Windows 7 Customer Service Cybercrime Patch Management Save Money Microsoft 365 Remote Monitoring Vulnerability End of Support Vendor Management Solutions Physical Security Display Printer Money Holidays Humor Data Storage Smart Technology Supply Chain Safety Video Conferencing Machine Learning Managed Services Provider Sports Saving Time Mouse Virtual Machines Professional Services Managed IT Service Administration Maintenance Antivirus Downloads iPhone Licensing Vulnerabilities Entertainment Customer Relationship Management Data Privacy Settings Printing Wireless Content Filtering Images 101 Hacking Telephone System Presentation Multi-Factor Authentication YouTube Robot Mobility Cost Management Cryptocurrency Wireless Technology IT Management VPN Employees Meetings Virtual Desktop LiFi Integration Data storage User Tip Modem Word Computer Repair Mobile Security Processor Outlook Proxy Server Reviews Public Speaking Cookies Monitors Cyber Monday Medical IT Hotspot Transportation Small Businesses Lithium-ion battery Tactics Development Hacks Websites Mirgation Hypervisor Displays Entrepreneur Scary Stories Fun Shopping Nanotechnology Optimization PowerPoint Deep Learning Electronic Medical Records Language Employer/Employee Relationships Outsourcing SharePoint Addiction Management PCI DSS Undo Chatbots Navigation Lenovo Gig Economy Screen Reader Education Writing Distributed Denial of Service Workplace Service Level Agreement Internet Service Provider Virtual Reality Computing Infrastructure Teamwork Hiring/Firing Server Management Regulations Compliance Mobile Computing Private Cloud Identity Evernote Paperless Co-managed IT Search Superfish Bookmark Identity Theft Smart Tech Memes Download Net Neutrality Application Best Practice Twitter Alerts SQL Server Technology Care Financial Data Error History Buisness Business Communications Social Engineering Break Fix Scams Browsers Smartwatch IBM Legal Connectivity IT IT solutions Upload Procurement Business Growth Remote Computing Azure Hybrid Work Social Network Telework Cyber security Multi-Factor Security Tech Human Resources Dark Web Cables Cortana CES Tablet IoT Communitications Trends Supply Chain Management Alt Codes Alert Managed IT Customer Resource management FinTech Competition File Sharing Regulations Downtime Dark Data Google Calendar Term Google Apps Hosted Solution How To Microsoft Excel IT Maintenance Data Analysis Star Wars IT Assessment Gamification Flexibility Typing Notifications Staff Value Business Intelligence Organization Travel Social Networking Legislation Shortcuts User Ransmoware Knowledge Techology Fileless Malware Digital Security Cameras Google Drive Google Maps Smart Devices Content Remote Working Wearable Technology Memory Vendors 5G Health IT Unified Threat Management Motherboard Data Breach Comparison Google Play Be Proactive Unified Communications Permissions Workforce Experience Unified Threat Management Directions Videos IP Address Google Docs Assessment Electronic Health Records Bitcoin Wasting Time Threats Running Cable Google Wallet Trend Micro Network Congestion Specifications Security Cameras Workplace Strategies Recovery Fraud Meta User Error Microchip Internet Exlporer Software as a Service Username Hard Drives Windows 8 Managing Costs Amazon Laptop Domains Drones Point of Sale eCommerce Black Friday SSID Virtual Assistant Outsource IT Database Surveillance Network Management Refrigeration Tech Support IT Technicians Virtual Machine Environment Halloween Media

Blog Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015