In This Week's News
By now, you have probably heard about the most recent cyberattacks on the U.S. News that initially came out on December 8, 2020. Cybersecurity firm FireEye put out a blog detailing an attack on its systems. Since the initial FireEye announcement, new developments have continued to surface.
This attack is labeled a "supply chain" attack because it uses a 3rd party vendor to indirectly attack other organizations. In this case, the attackers used IT remote management software called Orion, which is supplied by SolarWinds, a U.S. based IT company.
We now know that the attack likely started in March 2020. The New York Times has reported the attackers breached parts of the Pentagon, CDC, State Department, U.S. Treasury, and Commerce Departments. Along with U.S. technology and accounting companies, including Microsoft, at least one hospital, and a university. U.S. experts now believe that Russian intelligence (SVR) orchestrated the attacks.
This attack has been one of the largest espionage attacks in U.S. history; the stolen tools and tactics used for the breach could lead to a larger scale general attack across all business sectors, similar to the WannaCry ransomware attacks in 2017. Those attacks took advantage of an exploit discovered by the National Security Agency (NSA) stolen and leaked the year before by the hacking group, The Shadow Brokers. As a small business owner, it is more important than ever to stay vigilant and protect the business you have worked so hard to build.
Impact on Your Business
For our customers, the leading threat continues to be ransomware. It is essential to understand that ransomware attacks consist of two distinct acts. First is the breach itself, and the technology used to perpetrate the breach of protected systems continues to evolve. The second act of any ransomware attack is the process of ransoming a system. And while breach technologies continue to evolve, the behaviors needed to ransom a machine don't change.
We want our customers to know that Secure Solutions Technology does not utilize SolarWinds products. Also, we use one of the industry's top anti-virus (AV) or endpoint protection solutions. Unlike most anti-virus, rather than focusing on breach prevention, our solution uses an Artificial Intelligence engine to detect malicious behavior to block attacks. As mentioned above, actions needed to ransom a system don't change. So, monitoring for those behaviors means that your systems are protected no matter how sophisticated the attacks.
For more information or to learn how we can help protect your business, contact us at firstname.lastname@example.org or call us at 704.754.8484.