Takeaways from the SolarWinds ransomware hacks

In December of 2020, headlines revealed that a major software company, SolarWinds (SW), was hacked in 2019. SW provides a variety of system management tools for network and infrastructure monitoring.  

This made headlines for multiple reasons. First, SW waited months to reveal they were breached. Second, the hackers got into SolarWinds’ network via malicious code they placed in an update to the Orion software package. Lastly, the malicious actors had an impressively detailed, well-planned, strategic approach to targeting SW’s internal IT infrastructure.

This breach scenario leads to many uncomfortable questions, including: Why did they wait to disclose the breach? Why weren’t they performing regular software patch updates? And how long had the hackers been in their system before they were discovered?

For more on this breach, see the thorough case study released by Bobby Chesney, an Associate Dean for Academic Affairs and Professor in Law at the University of Texas.

The worst part of the SolarWinds breach is that their customers uploaded the compromised software to their on-premise networks, putting themselves and their companies, unknowingly, at risk.  

Reading and thinking about a security breach is terrifying. However, the best response is to learn how you can help prevent the same thing from happening to your company.  

Here’s what you can do: 

  1. Invest in enhanced cybersecurity tools and techniques.  

This includes vulnerability and security assessments, seamless endpoint protection, comprehensive protection for SMBs, all-encompassing network security, and security for SaaS and cloud-based apps. These are next-generation advanced security measures that make sure your IT systems are continuously monitored for suspicious activity, which is then addressed as quickly as possible.

The most important thing to know is that malicious actors don’t typically announce their presence in your system right away. Instead, they bide their time, learning everything they need to know to attack you at your weakest and then ask for a ransom.  

  2. Install all software updates regularly, as soon as they’re available.

Though the SolarWinds breach was exceptional because hackers hijacked their way into their customers’ networks via an Orion software update, most of the time software patches fix security vulnerabilities. Get the updates, but use enhanced cybersecurity measures to confirm they’re safe (see item 1 in this list).

  3. Create a disaster recovery and business continuity plan.

At the end of the day, a security breach is an adverse event that can halt your business operations and cause irreparable damage, just like a flood or a tornado. Put a plan in place that keeps your doors open and ensures a speedy recovery when disaster strikes.

  4. Create and implement cybersecurity policies for your team.

These policies will help guide proper and more secure access to and use of your data because they outline cybersecure behaviors for your team to follow.  

  5. Invest in cybersecurity awareness training for your team.

They really do need it. Cyber criminals are using increasingly sophisticated tools daily to illegally access your IT infrastructure and systems for their own financial gain. You need professional help in training your staff to recognize these attempts, especially because most of them come through their email inboxes as phishing schemes.

Protecting your computer network from cyberattacks is critical to your company and your client’s information.