SolarWinds Cyber Attack: A 2020 Doozy to Learn From

By Don Cox, CISM CIBR, Chief Technology Evangelist

Oh 2020, what a year you have been! Just when I thought it couldn’t get any worse, we learn of a security breach impacting thousands of federal agencies and private companies. Turns out, while all of us hunkered down amid a global pandemic clinging to our devices, hackers had been quietly accessing 18,000 organizations, maybe more. Even tech giant Microsoft wasn’t immune to this ‘cyber pandemic.’

Government officials say Russia likely compromised a software update pushed from SolarWinds’ Orion IT management platform. (Companies use products like this to automate certain activities such as managing internet protocol (IP) addresses, monitoring devices and deploying updates.)

The SolarWinds breach is known as a supply chain attack, one which started in March but wasn’t discovered until December when FireEye, a private cyber security firm also impacted by the breach, sounded the alarm. Think 10 months’ worth of data out the window, visible to who knows who?!?

A supply chain attack of this magnitude is often part of a larger campaign where there is NO EASY FIX. The malware planted in Orion gave the hackers a foothold, and from there additional credentials could let them infiltrate other software programs. The gift that keeps on giving, that’s 2020 for you.

Honestly, I wish it were as simple as saying, ‘Leave it to 2020.’ Truthfully, I remember jaw-dropping cybercrimes 20 years ago as a federal IT agent working to prevent hackers from stealing proprietary company information, client lists, etc., etc. The sheer volume of daily attacks on both private and government sectors opened my eyes. I wasn’t sure then if we had the capacity and resources to keep up. Now I know many of us truly do not and now, more than ever, it’s so important that we do. The espionage landscape has changed. It’s not just nation states trying to steal military secrets and intellectual property. It’s anyone who uses a computer. Yes, I’m talking to YOU.

Cyber security is not a static goal. It is a risk management process with continual work. Are you prepared? Can you face the almost certain cyber battles that lie ahead? Do you have IT experts on hand with requisite experience in addressing advanced, persistent threats no matter the size or complexity of your operation? If not, can you find them, ASAP??

The New Year is full of opportunities to effect change. In January, I joined a talented team of passionate professionals to launch CIBR Warriors, a NEW Cyber Security and IT Networking Staff Augmentation firm. The company Founder and CEO, Tony Galati, is the Founder of one of America’s leading and most innovative IT Networking and Cyber Security technical colleges, MyComputerCareer. This partnership provides us with thousands of skilled and certified IT pros who’re prepared for today’s challenges.

CIBR Warriors is a great way to immediately fill a gap you can’t afford to leave open. Visit www.cibrwarriors.com to learn more or contact me directly. Together, we’ll safeguard our systems and protect our way of life. Here’s to (fingers crossed) a brighter, more secure 2021!


Don Cox, CISM CIBR, Chief Technology Evangelist

Don Cox has over 25 years of experience in technology. Don started his career as a Special Agent with the US Secret Service Electronic Crimes Task Force in Washington DC, investigating high-tech crimes and conducting computer forensic investigations. He served as the Chief Information Security Officer at MEDNAX, the physician-led healthcare organization headquartered in Sunrise, FL. Don was selected as a Peerlyst Community: 29 Highly Influential CISOs of 2019. He serves as an Executive Member for CyberTheory.io and CyberEdBoard Community.

Before MEDNAX, Don was the Chief Information Officer at HHS, SAMHSA, and held executive leadership positions in several other government agencies. He served as the Deputy Chief Information Officer at Philidor Rx, Chief Information Officer at NOVA Corporation, and President, Innava Data Solutions.

Don holds a Master of Business Administration, Masters of IT Management, Graduate Certificate in Chief Information Officer Competencies, CISM, Security+, PMP, ITIL, and other computer forensics and industry certifications.