You are here: Blog Tags Content Filtering

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Print

Huge Cybersecurity Breach Affecting Major U.S. Organizations is the Biggest One Yet

Voyage Technology Blog Alerts
0 Comments
Huge Cybersecurity Breach Affecting Major U.S. Organizations is the Biggest One Yet

Honestly, it shouldn’t be surprising that 2020 has come to an end with news of a massive cyberespionage attack—the biggest ever, as a matter of fact. Let’s dive into what we know, and what it signifies.

 How Did the Attack Happen?

In short, an IT management company known as SolarWinds was breached back in March, affecting a massive number of organizations—18,000 in all. These organizations include the likes of Microsoft, Cisco, and FireEye, as well as many states and federal organizations, including:

  • The U.S. Department of State
  • The U.S. Department of the Treasury
  • The U.S. Department of Homeland Security
  • The U.S. Department of Energy
  • The U.S. National Telecommunications and Information Administration
  • The National Institutes of Health, of the U.S. Department of Health
  • The U.S. National Nuclear Security Administration

When the attackers gained access to SolarWinds’ network, they were able to use what is known as a supply chain attack to introduce their malware to these departments and organizations by pushing it through the company’s automatic software update system for their Orion products. These kinds of attacks can be particularly effective since the threat is introduced to an environment via a trusted application.

Making this situation worse, many SolarWinds customers had excluded Orion products from their security checks on SolarWinds’ recommendation to prevent their other security products from shutting them down due to the malware signatures that these security products contain.

While (at the time of this writing) it is unclear what the attackers responsible used this access to do, the potential ramifications are truly terrifying. While government departments were targeted, it also needs to be said that this attack could have potentially continued from the major providers like Microsoft and Cisco to their clients, and so on and so forth. That’s why there is still no estimate of this attack’s true scope.

This attack was seemingly only discovered when an employee at FireEye received an alert that their VPN credentials had been used from a new device, and a little digging revealed the much larger situation playing out.

This Wasn’t the Only Attack, Either

Another attack was also discovered on SolarWinds’ network when the company performed an internal audit of its systems. On December 18, a second malware was found to have used the same tactic to infiltrate SolarWinds, but as of this writing does not seem to come from the same source.

What This Needs to Teach Us

Frankly, the most important lessons to be learned here are painfully obvious. First off, cybersecurity needs to be prioritized above all else, and all potential threats should be considered a likelihood. After all, the U.S. government was warned about the viability of exactly this kind of threat back in 2018 by the Government Accountability Office.

Secondly, the concept of your employees being a huge part of your cybersecurity strategy needs to be reinforced. This was only discovered when an employee was alerted of unusual activity and took that alert seriously. Your team needs to know what they are looking out for, and how to proceed if they spot it.

It is going to be some time before it becomes clear how deeply this threat went, assuming it ever does. Regardless, we want you to remember that Voyage Technology is here to help protect your business from as many IT issues as possible so that you can be more productive. To find out more about what we offer, give us a call at 800.618.9844 today.

Tweet
Tags:
Security Network Security Vendor
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, 22 March 2026

Captcha Image

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Data Business Computing Business Productivity Software Innovation Cloud Hackers Efficiency Hardware Network Security User Tips Internet IT Services Malware IT Support Privacy Workplace Tips Phishing Google Email Computer Workplace Strategy Collaboration Hosted Solutions Small Business Backup Users Managed Service Ransomware Mobile Device Productivity Microsoft Quick Tips Passwords Saving Money Communication Cybersecurity AI Data Backup Smartphone Disaster Recovery Data Recovery Android Upgrade VoIP Business Management Smartphones communications Mobile Devices Windows Social Media Browser Microsoft Office Managed IT Services Network Current Events Tech Term Remote Internet of Things Holiday Automation Artificial Intelligence Facebook Miscellaneous Information Cloud Computing Training Compliance Gadgets Covid-19 Remote Work Server Managed Service Provider Outsourced IT IT Support Employee/Employer Relationship Encryption Spam Office Windows 10 Data Management Business Continuity Government Wi-Fi Business Technology Windows 10 Bandwidth Virtualization Blockchain Vendor Two-factor Authentication Mobile Office Managed Services Data Security Apps BYOD Mobile Device Management Tip of the week Chrome Voice over Internet Protocol Gmail Budget WiFi Apple Networking App Employer-Employee Relationship Applications Computing Hacker Physical Security Information Technology Avoiding Downtime Access Control Marketing Office 365 Conferencing Managed IT Services How To BDR HIPAA Operating System Router Computers Risk Management Virtual Private Network Website 2FA Help Desk Health Analytics Office Tips Augmented Reality Healthcare Retail Storage Password Bring Your Own Device Big Data Customer Service Vendor Management Cybercrime Display Printer Windows 11 Paperless Office Monitoring Infrastructure Excel Firewall Document Management Remote Workers Managed IT Service Telephone The Internet of Things Scam Data loss Cooperation Free Resource Project Management Windows 7 Social Microsoft 365 Going Green Patch Management Save Money Remote Monitoring Solutions End of Support Vulnerability Employees Content Filtering Hacking IT Management Integration YouTube Meetings Presentation VPN User Tip Modem Processor Cryptocurrency Mobile Security Wireless Technology Holidays Computer Repair Virtual Desktop Data Storage Data storage LiFi Smart Technology Supply Chain Video Conferencing Managed Services Provider Word Saving Time Outlook Virtual Machines Professional Services Machine Learning Money Humor Downloads Safety Maintenance iPhone Licensing Sports Antivirus Mouse Entertainment Vulnerabilities Data Privacy Administration Images 101 Telephone System Multi-Factor Authentication Mobility Cost Management Robot Customer Relationship Management Settings Wireless Printing Unified Threat Management Trend Micro Hosted Solution Specifications Security Cameras Workplace Strategies Microchip Internet Exlporer Software as a Service Typing Fraud Meta Managing Costs Amazon Network Congestion Username Google Drive User Error eCommerce User Black Friday SSID Knowledge Database Surveillance Virtual Assistant Outsource IT IT Technicians Virtual Machine Environment Point of Sale Media 5G Proxy Server Reviews IP Address Google Docs Cookies Unified Communications Cyber Monday Medical IT Experience Tactics Development Bitcoin Network Management Hotspot Transportation Small Businesses Running Cable Tech Support Google Wallet Mirgation Hypervisor Displays Monitors Shopping Nanotechnology Optimization Recovery PowerPoint Laptop Websites Addiction Hard Drives Windows 8 Language Employer/Employee Relationships Outsourcing Domains Drones Chatbots Navigation Management PCI DSS Gig Economy SharePoint Screen Reader Distributed Denial of Service Workplace Electronic Medical Records Halloween Service Level Agreement Internet Service Provider Refrigeration Computing Infrastructure Teamwork Hiring/Firing Regulations Compliance Public Speaking Lenovo Identity Evernote Paperless Writing Bookmark Lithium-ion battery Smart Tech Memes Co-managed IT Virtual Reality Alerts SQL Server Technology Care Entrepreneur Scary Stories Private Cloud Download Net Neutrality Hacks Server Management Financial Data Superfish History Identity Theft Business Communications Fun Browsers Smartwatch Connectivity IT Deep Learning Break Fix Scams Twitter Azure Hybrid Work Error Upload Procurement Undo Social Network Telework Cyber security Education Multi-Factor Security Tech Human Resources Social Engineering CES IoT Communitications Dark Web Cables Remote Computing Trends Supply Chain Management Mobile Computing Customer Resource management FinTech Regulations Tablet Google Calendar Term Google Apps Search Data Analysis Star Wars IT Assessment Application Best Practice Microsoft Excel IT Maintenance Alert Staff Value Business Intelligence Buisness File Sharing Dark Data Gamification Flexibility Managed IT Organization IBM Legal Social Networking IT solutions Legislation Shortcuts How To Fileless Malware Digital Security Cameras Smart Devices Business Growth Ransmoware Notifications Wearable Technology Memory Vendors Travel Content Remote Working Health IT Techology Motherboard Data Breach Google Maps Comparison Google Play Be Proactive Cortana Directions Videos Assessment Electronic Health Records Alt Codes Permissions Workforce Wasting Time Threats Downtime Unified Threat Management Competition

Blog Archive

2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015