Archive

The Latest: SolarWinds Hack

SolarWinds Targeted Attack: Everything You Need to Know

solarwinds hack

SolarWinds is a IT firm in Texas, is the latest victim of a massive cyber security attack that left up to 18,000 of its customers vulnerable to the hackers. Many of which are high profile clients.

“In a nutshell, SolarWinds’ Orion product provides centralized monitoring across an organization’s entire IT stack. That means the attackers who were able to compromise this platform had an extremely high level of access to all of these client systems,” David Kennedy, CEO of TrustedSec, recently told Fox News.

The attackers which are suspected to be foreigners from Russia, managed to install malicious code into the company’s software undetected. When the company released a harmless software update to all its clients, it was anything but harmless. 

You might be wondering how can a major IT firm in the industry of security, end up being the one hacked?

Well many companies regularly maintain and optimize their software. This includes everything from adding new features, fixing a variety of bugs to more serious tasks. Like addressing potential loopholes that hackers can use to exploit the software. 

When these changes are made, they are sent out as updates that we download. This is the primary way to ensure we aren’t running outdated buggy software, with security risks. Therefore, we update our computers and cellphones every few months. 

However, whenever code is changed, even if that is to address a vulnerability, at the same time it may open the potential for other risks. 

It is highly unlikely, but If a mistake is made or a hacker discovers a loophole in the new code, essentially, they can bypass the software’s security. In many cases, there is no way to measure to what level the damage was done and what was exposed.

 What makes this case particularly one of the worst attacks, is that the breach went undetected for months and presumed to have exposed data in the highest places of government, including US military and the White house. 

When the software was hacked, a back door was created. The hackers were able to further the damage by installing even more malware. We can only guess this included many months of spying, collection of data, and implementing the virus as deep as possible.

Fox news stated that “According to Reuters, the hack was so serious it led to a National Security Council meeting on Saturday.” 

The weight of damage is still unknown but there’s is no doubt a planned attack may be coming.

Ciaccia, Chris. “What Is SolarWinds? A Look at the Hacked Software Company in Crosshairs.” Fox Business, Fox Business, 17 Dec. 2020, www.foxbusiness.com/technology/what-is-solarwinds-hacked-software-company.

Jibilian, Isabella. “Here’s a Simple Explanation of How the Massive SolarWinds Hack Happened and Why It’s Such a Big Deal.” Business Insider, Business Insider, 24 Dec. 2020, www.businessinsider.com/solarwinds-hack-explained-government-agencies-cyber-security-2020-12#:~:text=Beginning%20as%20early%20as%20March,spy%20on%20companies%20and%20organizations.

Let’s Talk Data Breach & Identity Theft…

In 2019 You might of received an email about a massive data breach of a major credit card line “capital one”...

 I sure did, the credit line I’m using actually. Over 100 million people’s personal data is exposed and over 140,000 social security numbers and 80,000 bank accounts are in the wrong hands. Capital one is already facing 300 million in damages. 

Data breaches contribute to identity theft. Think about all the places you give your personal information…. It only takes a single breach to expose your information and make you a target. 

Check out some of these stats ↓

  • There’s a new victim of identity theft every 2 seconds
  • Between 2017-2018 identity theft claims went up 19.8%. ⠀⠀
  • Public WiFi- we all love free WiFi at our favorite coffee shops. So do identity thieves. Because they are unprotected networks making it simple and effective to steal your data. 
  • 23 million credit cards were up for sale on the dark web for the first HALF of 2019. ⠀⠀

You might be thinking, I’m sure I’m safe. 🤨 Well, did you know you are more likely to have your identity stolen than your car stolen or your home burglarized?

So on second thought… maybe not. ⠀⠀

We all have insurance for ours cars, homes, health, even cell phones, so why wouldn’t you protect yourself? 

You can buy another car. But restore your identity? Not quite the same. With identity theft you are GUILTY until proven innocent. Let that sink in. If someone commits a crime under your name, you’ll spend time in jail before you can even say “it wasn’t me!” ⠀⠀

All this to say. Don’t be a victim. Don’t wait until its too late. ⚠️ Working in the technical field, everyday we see different levels of data breaches, from computer viruses, ransomware to one of the worst major hacks; Equifax. If you’re not protected, it can cost you big time.

NortonLifeLock, Written for. “15 Facts You Have to Know About Identity Theft.” LifeLock Official Site, www.lifelock.com/learn-identity-theft-resources-facts-you-have-to-know-about-identity-theft.html.

“2019 Capital One Cyber Incident.” 2019 Capital One Cyber Incident | What Happened | Capital One, 19 July 2019, www.capitalone.com/facts2019/.