Oh 2020, what a year you have been! Just when I thought it couldn’t get any worse, we learn of a security breach impacting thousands of federal agencies and private companies. Turns out, while all of us hunkered down amid a global pandemic clinging to our devices, hackers had been quietly accessing 18,000 organizations, maybe more. Even tech giant Microsoft wasn’t immune to this ‘cyber pandemic.’
Government officials say Russia likely compromised a software update pushed from SolarWinds’ Orion IT management platform. (Companies use products like this to automate certain activities such as managing internet protocol (IP) addresses, monitoring devices and deploying updates.)
The SolarWinds breach is known as a supply chain attack, one which started in March but wasn’t discovered until December when FireEye, a private cybersecurity firm also impacted by the breach, sounded the alarm. Think 10 months’ worth of data out the window visible to who knows who?!?
A supply chain attack of this magnitude is often part of a larger campaign where there is NO EASY FIX. The malware used on Orion to gain access allowed a foothold where additional credentials could allow hackers to infiltrate other software programs. The gift that keeps on giving, that’s 2020 for you.
Honestly, I wish it were as simple as saying, ‘Leave it to 2020.’ Truthfully, I remember jaw-dropping cybercrimes 20 years ago as a federal IT agent working to prevent hackers from stealing proprietary company information, client lists, etc., etc. The sheer volume of daily attacks on both private and government sectors opened my eyes. I wasn’t sure then if we had the capacity and resources to keep up. Now I know many of us truly do not and now, more than ever, it’s so important that we do. The espionage landscape has changed. It’s not just nation states trying to steal military secrets and IP. It’s anyone who uses a computer. Yes, I’m talking to YOU.
Cybersecurity is not a static goal. It is a risk management process with continual work. Are you prepared? Can you face the almost certain cyber battles that lie ahead? Do you have IT experts on-hand with requisite experience in addressing advanced, persistent threats no matter the size or complexity of your operation? If not, can you find them, ASAP??
The New Year is full of opportunities to impact change. In January, I joined a talented team of passionate professionals to launch CIBR Warriors, a NEW Cybersecurity and IT Networking Staff Augmentation firm. The company Founder and CEO, Tony Galati, is the Founder of one of America’s leading and most innovative IT Networking and Cybersecurity technical college, MyComputerCareer. This partnership provides us with thousands of skilled and certified IT pros who’re prepared for today’s challenges.
CIBR Warriors is a great way to immediately fill a gap you can’t afford to leave open. Visit www.cibrwarriors.com to learn more or contact me directly. Together, we’ll safeguard our systems and protect our way of life. Here’s to (fingers crossed) a brighter, more secure 2021!