You are here: Blog Josh Coppage Tip of the Week: Use People Graphs in Excel for Data Visualization

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Print

Huge Cybersecurity Breach Affecting Major U.S. Organizations is the Biggest One Yet

Voyage Technology Blog Alerts
0 Comments
Huge Cybersecurity Breach Affecting Major U.S. Organizations is the Biggest One Yet

Honestly, it shouldn’t be surprising that 2020 has come to an end with news of a massive cyberespionage attack—the biggest ever, as a matter of fact. Let’s dive into what we know, and what it signifies.

 How Did the Attack Happen?

In short, an IT management company known as SolarWinds was breached back in March, affecting a massive number of organizations—18,000 in all. These organizations include the likes of Microsoft, Cisco, and FireEye, as well as many states and federal organizations, including:

  • The U.S. Department of State
  • The U.S. Department of the Treasury
  • The U.S. Department of Homeland Security
  • The U.S. Department of Energy
  • The U.S. National Telecommunications and Information Administration
  • The National Institutes of Health, of the U.S. Department of Health
  • The U.S. National Nuclear Security Administration

When the attackers gained access to SolarWinds’ network, they were able to use what is known as a supply chain attack to introduce their malware to these departments and organizations by pushing it through the company’s automatic software update system for their Orion products. These kinds of attacks can be particularly effective since the threat is introduced to an environment via a trusted application.

Making this situation worse, many SolarWinds customers had excluded Orion products from their security checks on SolarWinds’ recommendation to prevent their other security products from shutting them down due to the malware signatures that these security products contain.

While (at the time of this writing) it is unclear what the attackers responsible used this access to do, the potential ramifications are truly terrifying. While government departments were targeted, it also needs to be said that this attack could have potentially continued from the major providers like Microsoft and Cisco to their clients, and so on and so forth. That’s why there is still no estimate of this attack’s true scope.

This attack was seemingly only discovered when an employee at FireEye received an alert that their VPN credentials had been used from a new device, and a little digging revealed the much larger situation playing out.

This Wasn’t the Only Attack, Either

Another attack was also discovered on SolarWinds’ network when the company performed an internal audit of its systems. On December 18, a second malware was found to have used the same tactic to infiltrate SolarWinds, but as of this writing does not seem to come from the same source.

What This Needs to Teach Us

Frankly, the most important lessons to be learned here are painfully obvious. First off, cybersecurity needs to be prioritized above all else, and all potential threats should be considered a likelihood. After all, the U.S. government was warned about the viability of exactly this kind of threat back in 2018 by the Government Accountability Office.

Secondly, the concept of your employees being a huge part of your cybersecurity strategy needs to be reinforced. This was only discovered when an employee was alerted of unusual activity and took that alert seriously. Your team needs to know what they are looking out for, and how to proceed if they spot it.

It is going to be some time before it becomes clear how deeply this threat went, assuming it ever does. Regardless, we want you to remember that Voyage Technology is here to help protect your business from as many IT issues as possible so that you can be more productive. To find out more about what we offer, give us a call at 800.618.9844 today.

Tweet
Tags:
Security Network Security Vendor
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 18 September 2025

Captcha Image

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Business Computing Data Business Productivity Software Innovation Hackers Cloud Network Security Hardware User Tips Efficiency Internet Malware IT Support Privacy Google Computer Email Workplace Tips Phishing IT Services Hosted Solutions Collaboration Users Workplace Strategy Ransomware Mobile Device Microsoft Quick Tips Small Business Backup Saving Money Cybersecurity Passwords Communication Data Backup Smartphone Managed Service Android Business Management VoIP Smartphones Productivity Upgrade Mobile Devices communications Disaster Recovery Data Recovery Browser Social Media Windows Managed IT Services Microsoft Office AI Current Events Network Remote Tech Term Internet of Things Artificial Intelligence Facebook Automation Cloud Computing Information Covid-19 Holiday Miscellaneous Gadgets Remote Work Training Server Managed Service Provider Outsourced IT Employee/Employer Relationship Encryption Spam Compliance Windows 10 Office Data Management Business Continuity Government IT Support Windows 10 Bandwidth Virtualization Business Technology Wi-Fi Blockchain Vendor Apps Data Security Two-factor Authentication Mobile Office Chrome BYOD Gmail Budget Apple App Tip of the week Employer-Employee Relationship Managed Services Voice over Internet Protocol Networking Mobile Device Management HIPAA Applications WiFi Access Control Conferencing Computing Hacker Information Technology How To Avoiding Downtime BDR Marketing Office 365 Augmented Reality Router Storage Password Virtual Private Network Bring Your Own Device Health Big Data Help Desk Retail 2FA Operating System Healthcare Computers Managed IT Services Risk Management Website Analytics Office Tips Vendor Management Solutions Firewall Physical Security Display The Internet of Things Printer Paperless Office Infrastructure Social Monitoring Going Green Document Management Windows 11 Remote Workers Customer Service Cybercrime Telephone Scam Excel Data loss Cooperation Free Resource Project Management Windows 7 Patch Management Save Money Microsoft 365 Remote Monitoring End of Support Vulnerability Money Data Privacy IT Management Humor VPN Employees Meetings Integration Safety Sports User Tip Modem Computer Repair Mobile Security Mouse Processor Holidays Administration Data Storage Smart Technology Video Conferencing Machine Learning Managed Services Provider Professional Services Saving Time Virtual Machines Customer Relationship Management Settings Managed IT Service Printing Wireless Content Filtering Maintenance Hacking Supply Chain Antivirus Downloads iPhone Presentation YouTube Licensing Cryptocurrency Vulnerabilities Wireless Technology Entertainment Virtual Desktop Images 101 LiFi Data storage Robot Mobility Telephone System Multi-Factor Authentication Cost Management Word Outlook Assessment Electronic Health Records Permissions Public Speaking Unified Threat Management Directions Videos Google Apps Wasting Time Lithium-ion battery Network Congestion Specifications Security Cameras Hacks Entrepreneur Scary Stories IT Maintenance Trend Micro Fun Internet Exlporer Software as a Service Fraud Business Intelligence User Error Microchip Deep Learning Shortcuts Username Managing Costs Black Friday SSID Undo Ransmoware Point of Sale eCommerce Database Surveillance Virtual Assistant Education Vendors Be Proactive Network Management Tech Support IT Technicians Virtual Machine Monitors Cyber Monday Medical IT Mobile Computing Workforce Proxy Server Reviews Cookies Search Tactics Development Hotspot Transportation Threats Application Best Practice Workplace Strategies Websites Mirgation Hypervisor PowerPoint Buisness Meta Shopping Nanotechnology Optimization Addiction Electronic Medical Records Language Employer/Employee Relationships IBM Legal IT solutions Amazon SharePoint Business Growth Management PCI DSS Chatbots Navigation Writing Distributed Denial of Service Outsource IT Lenovo Gig Economy Screen Reader Cortana Media Service Level Agreement Internet Service Provider Virtual Reality Computing Infrastructure Teamwork Environment Alt Codes Server Management Regulations Compliance Private Cloud Identity Evernote Competition Downtime Small Businesses Superfish Bookmark Identity Theft Smart Tech Memes Download Net Neutrality Twitter Alerts SQL Server Hosted Solution Displays Typing Financial Data Error History Connectivity IT Social Engineering Break Fix Outsourcing Browsers Smartwatch Knowledge Upload Procurement Remote Computing Azure Google Drive User Multi-Factor Security Tech Workplace Social Network Telework Cyber security Tablet IoT Communitications Dark Web Hiring/Firing CES 5G Experience Paperless Trends Supply Chain Management Alert IP Address Google Docs Unified Communications Dark Data Google Calendar Term Bitcoin Running Cable Co-managed IT Managed IT Customer Resource management FinTech File Sharing Regulations Star Wars IT Assessment How To Microsoft Excel Google Wallet Technology Care Data Analysis Recovery Business Communications Gamification Flexibility Notifications Staff Value Legislation Hard Drives Windows 8 Laptop Scams Organization Travel Social Networking Google Maps Smart Devices Domains Drones Hybrid Work Techology Fileless Malware Digital Security Cameras Human Resources Content Remote Working Wearable Technology Memory Comparison Google Play Refrigeration Halloween Cables Health IT Unified Threat Management Motherboard Data Breach

Blog Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015