The recent SolarWinds cybersecurity attack has redirected the focus from Russian election hacking to other Russian cyber hacking. Over the past four years, Russia has been the number one culprit for cyberattacks in the United States; whether it was behind them or not, the focus was always on Russia.
Most recently, the Russian government has been accused of the SolarWinds cybersecurity attack, in which it allegedly infiltrated various United States federal computer systems through the server software provider SolarWinds.
SolarWinds is an IT service management provider whose programs are used by the Pentagon, White House, NASA, and roughly 425 of the Fortune 500 companies. To say that SolarWinds is a large IT provider would be an understatement.
As of now, the attack is thought to affect the United States government, companies, and American citizens. The actual extent of the attack is not yet known.
One of the main concerns is that secrets, strategies, and other highly classified information are now accessible to the hackers, whoever they may be. The United States Treasury and Commerce departments have been affected, and other departments are thought to have been affected as well.
“It appears that the purpose of the attack was to kneecap American capabilities and defenses, a cyber era cold war if you will. It appears the attackers may have taken our own tools for finding vulnerabilities in foreign networks. They hacked our hacking capability. It’s very early, but the level of immediate reaction suggests a very, very serious intrusion,” said Matthew Schmidt, a professor in the national security department of the University of New Haven’s Henry C. Lee College of Criminal Justice and Forensic Sciences.
Schmidt went on to add, “The initial sense is that the attack left the updating system for many key security systems open to exploitation, meaning it’s possible they could have attained root access to many agencies’ systems. If that’s true, and we don’t know yet, it could mean the most important systems are compromised — personnel data, including foreign agents, planning, operations, etc. If anything near the worst is true, it will mean months of work to determine whether it’s safe to use these systems.”
The attack stems from an initial breach of SolarWinds’ Orion software. The attack carried malware that affected nearly all IT departments using the program.
Another major cause for concern is that the attack comes in the wake of the president firing top cybersecurity official Christopher Krebs, Director of DHS’ CISA. With a vulnerable cybersecurity department and the White House’s alleged ties to Russia, the information that comes out over the next few days will be crucial to determining the extent of this attack.
To protect yourself against cyberattacks and increase overall protection, use different passwords for accounts, monitor bank accounts to ensure funds are not being depleted, use two-factor authentication when possible, and avoid visiting or clicking on untrusted sites and links.
The severity of this attack is not yet known, but if it turns out to be as severe as experts predict, the cybersecurity space could see a major influx of cash over the next several weeks to ensure the protection of other companies.