Error
  • Error loading component: com_advancedmodules, 1
You are here: Blog Bloggers

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Print

Huge Cybersecurity Breach Affecting Major U.S. Organizations is the Biggest One Yet

Voyage Technology Blog Alerts
0 Comments
Huge Cybersecurity Breach Affecting Major U.S. Organizations is the Biggest One Yet

Honestly, it shouldn’t be surprising that 2020 has come to an end with news of a massive cyberespionage attack—the biggest ever, as a matter of fact. Let’s dive into what we know, and what it signifies.

 How Did the Attack Happen?

In short, an IT management company known as SolarWinds was breached back in March, affecting a massive number of organizations—18,000 in all. These organizations include the likes of Microsoft, Cisco, and FireEye, as well as many states and federal organizations, including:

  • The U.S. Department of State
  • The U.S. Department of the Treasury
  • The U.S. Department of Homeland Security
  • The U.S. Department of Energy
  • The U.S. National Telecommunications and Information Administration
  • The National Institutes of Health, of the U.S. Department of Health
  • The U.S. National Nuclear Security Administration

When the attackers gained access to SolarWinds’ network, they were able to use what is known as a supply chain attack to introduce their malware to these departments and organizations by pushing it through the company’s automatic software update system for their Orion products. These kinds of attacks can be particularly effective since the threat is introduced to an environment via a trusted application.

Making this situation worse, many SolarWinds customers had excluded Orion products from their security checks on SolarWinds’ recommendation to prevent their other security products from shutting them down due to the malware signatures that these security products contain.

While (at the time of this writing) it is unclear what the attackers responsible used this access to do, the potential ramifications are truly terrifying. While government departments were targeted, it also needs to be said that this attack could have potentially continued from the major providers like Microsoft and Cisco to their clients, and so on and so forth. That’s why there is still no estimate of this attack’s true scope.

This attack was seemingly only discovered when an employee at FireEye received an alert that their VPN credentials had been used from a new device, and a little digging revealed the much larger situation playing out.

This Wasn’t the Only Attack, Either

Another attack was also discovered on SolarWinds’ network when the company performed an internal audit of its systems. On December 18, a second malware was found to have used the same tactic to infiltrate SolarWinds, but as of this writing does not seem to come from the same source.

What This Needs to Teach Us

Frankly, the most important lessons to be learned here are painfully obvious. First off, cybersecurity needs to be prioritized above all else, and all potential threats should be considered a likelihood. After all, the U.S. government was warned about the viability of exactly this kind of threat back in 2018 by the Government Accountability Office.

Secondly, the concept of your employees being a huge part of your cybersecurity strategy needs to be reinforced. This was only discovered when an employee was alerted of unusual activity and took that alert seriously. Your team needs to know what they are looking out for, and how to proceed if they spot it.

It is going to be some time before it becomes clear how deeply this threat went, assuming it ever does. Regardless, we want you to remember that Voyage Technology is here to help protect your business from as many IT issues as possible so that you can be more productive. To find out more about what we offer, give us a call at 800.618.9844 today.

Tweet
Tags:
Security Network Security Vendor
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 06 May 2026

Captcha Image

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Data Business Computing Business Productivity Software Innovation Hackers Cloud Efficiency Hardware Network Security User Tips Internet IT Services Malware IT Support Phishing Privacy Google Email Workplace Tips Computer Workplace Strategy Collaboration Backup Small Business Hosted Solutions Ransomware Users AI Managed Service Mobile Device Productivity Microsoft Passwords Saving Money Quick Tips Communication Cybersecurity Smartphone Data Backup Data Recovery Disaster Recovery Android Upgrade VoIP Business Management Smartphones communications Mobile Devices Windows Social Media Browser Managed IT Services Microsoft Office Current Events Network Tech Term Internet of Things Remote Information Miscellaneous Artificial Intelligence Facebook Holiday Automation Compliance Cloud Computing Covid-19 Training Gadgets Server Outsourced IT Managed Service Provider IT Support Remote Work Employee/Employer Relationship Encryption Spam Office Windows 10 Data Management Government Business Continuity Wi-Fi Windows 10 Bandwidth Blockchain Vendor Virtualization Business Technology Managed Services Two-factor Authentication Mobile Office Data Security Apps Tip of the week Voice over Internet Protocol Networking Mobile Device Management Chrome Gmail Budget WiFi BYOD Apple App Employer-Employee Relationship Computing Hacker Conferencing Information Technology Avoiding Downtime Marketing Managed IT Services Office 365 How To BDR Password HIPAA Physical Security Applications Access Control Operating System Computers Risk Management Retail Healthcare Website Analytics Office Tips Augmented Reality Storage Bring Your Own Device Router Big Data Virtual Private Network Health 2FA Help Desk Customer Service Cybercrime Excel Document Management Remote Workers Managed IT Service Telephone Scam Data loss Cooperation Free Resource Project Management Firewall Windows 7 Patch Management Save Money Microsoft 365 Remote Monitoring End of Support Vulnerability The Internet of Things Vendor Management Solutions Social Display Printer Going Green Paperless Office Windows 11 Infrastructure Monitoring Video Conferencing Content Filtering Hacking Machine Learning Managed Services Provider Presentation Virtual Machines YouTube Professional Services Saving Time Cryptocurrency Wireless Technology Maintenance Downloads Antivirus Virtual Desktop iPhone Data storage LiFi Licensing Entertainment Word Vulnerabilities Outlook Data Privacy Images 101 Money Humor Multi-Factor Authentication Robot Mobility Telephone System Cost Management Safety Sports Mouse IT Management Meetings VPN Employees Administration Integration Modem User Tip Processor Computer Repair Mobile Security Holidays Customer Relationship Management Settings Data Storage Printing Smart Technology Supply Chain Wireless SharePoint Addiction Hosted Solution Electronic Medical Records Language Employer/Employee Relationships Outsourcing Navigation Management PCI DSS Typing Chatbots Screen Reader Writing Distributed Denial of Service Workplace Lenovo Gig Economy Google Drive Service Level Agreement Internet Service Provider User Virtual Reality Computing Infrastructure Teamwork Hiring/Firing Knowledge Evernote Paperless Server Management Regulations Compliance Private Cloud Identity Superfish Bookmark Identity Theft Smart Tech Memes Co-managed IT 5G IP Address Google Docs Download Net Neutrality Unified Communications Twitter Alerts SQL Server Technology Care Experience Error History Running Cable Business Communications Financial Data Bitcoin Browsers Smartwatch Google Wallet Connectivity IT Social Engineering Break Fix Scams Upload Procurement Recovery Remote Computing Azure Hybrid Work Cyber security Laptop Multi-Factor Security Tech Human Resources Social Network Telework Hard Drives Windows 8 CES Domains Drones Tablet IoT Communitications Dark Web Cables Trends Supply Chain Management Alert File Sharing Regulations Halloween Dark Data Google Calendar Term Google Apps Managed IT Customer Resource management FinTech Refrigeration Data Analysis Public Speaking Star Wars IT Assessment How To Microsoft Excel IT Maintenance Lithium-ion battery Gamification Flexibility Notifications Staff Value Business Intelligence Travel Social Networking Entrepreneur Scary Stories Legislation Shortcuts Organization Hacks Techology Fileless Malware Digital Security Cameras Google Maps Smart Devices Ransmoware Fun Content Remote Working Deep Learning Wearable Technology Memory Vendors Unified Threat Management Motherboard Data Breach Comparison Google Play Be Proactive Health IT Undo Unified Threat Management Directions Videos Assessment Electronic Health Records Education Permissions Workforce Wasting Time Threats Trend Micro Network Congestion Specifications Security Cameras Workplace Strategies Mobile Computing User Error Microchip Internet Exlporer Software as a Service Fraud Meta Search Username Application Best Practice Managing Costs Amazon Point of Sale eCommerce Buisness Black Friday SSID IBM Legal Database Surveillance IT solutions Virtual Assistant Outsource IT Media Network Management Business Growth Tech Support IT Technicians Virtual Machine Environment Cookies Monitors Cyber Monday Medical IT Proxy Server Reviews Tactics Development Hotspot Transportation Small Businesses Cortana Alt Codes Websites Mirgation Hypervisor Displays Competition Nanotechnology Optimization Downtime PowerPoint Shopping

Blog Archive

2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015