You are here: Blog Calendar

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Print

Huge Cybersecurity Breach Affecting Major U.S. Organizations is the Biggest One Yet

Voyage Technology Blog Alerts
0 Comments
Huge Cybersecurity Breach Affecting Major U.S. Organizations is the Biggest One Yet

Honestly, it shouldn’t be surprising that 2020 has come to an end with news of a massive cyberespionage attack—the biggest ever, as a matter of fact. Let’s dive into what we know, and what it signifies.

 How Did the Attack Happen?

In short, an IT management company known as SolarWinds was breached back in March, affecting a massive number of organizations—18,000 in all. These organizations include the likes of Microsoft, Cisco, and FireEye, as well as many states and federal organizations, including:

  • The U.S. Department of State
  • The U.S. Department of the Treasury
  • The U.S. Department of Homeland Security
  • The U.S. Department of Energy
  • The U.S. National Telecommunications and Information Administration
  • The National Institutes of Health, of the U.S. Department of Health
  • The U.S. National Nuclear Security Administration

When the attackers gained access to SolarWinds’ network, they were able to use what is known as a supply chain attack to introduce their malware to these departments and organizations by pushing it through the company’s automatic software update system for their Orion products. These kinds of attacks can be particularly effective since the threat is introduced to an environment via a trusted application.

Making this situation worse, many SolarWinds customers had excluded Orion products from their security checks on SolarWinds’ recommendation to prevent their other security products from shutting them down due to the malware signatures that these security products contain.

While (at the time of this writing) it is unclear what the attackers responsible used this access to do, the potential ramifications are truly terrifying. While government departments were targeted, it also needs to be said that this attack could have potentially continued from the major providers like Microsoft and Cisco to their clients, and so on and so forth. That’s why there is still no estimate of this attack’s true scope.

This attack was seemingly only discovered when an employee at FireEye received an alert that their VPN credentials had been used from a new device, and a little digging revealed the much larger situation playing out.

This Wasn’t the Only Attack, Either

Another attack was also discovered on SolarWinds’ network when the company performed an internal audit of its systems. On December 18, a second malware was found to have used the same tactic to infiltrate SolarWinds, but as of this writing does not seem to come from the same source.

What This Needs to Teach Us

Frankly, the most important lessons to be learned here are painfully obvious. First off, cybersecurity needs to be prioritized above all else, and all potential threats should be considered a likelihood. After all, the U.S. government was warned about the viability of exactly this kind of threat back in 2018 by the Government Accountability Office.

Secondly, the concept of your employees being a huge part of your cybersecurity strategy needs to be reinforced. This was only discovered when an employee was alerted of unusual activity and took that alert seriously. Your team needs to know what they are looking out for, and how to proceed if they spot it.

It is going to be some time before it becomes clear how deeply this threat went, assuming it ever does. Regardless, we want you to remember that Voyage Technology is here to help protect your business from as many IT issues as possible so that you can be more productive. To find out more about what we offer, give us a call at 800.618.9844 today.

Tweet
Tags:
Security Network Security Vendor
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 28 January 2026

Captcha Image

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Data Business Computing Business Productivity Software Innovation Cloud Hackers Efficiency Hardware Network Security User Tips Internet Malware IT Support Privacy IT Services Google Email Workplace Tips Computer Phishing Collaboration Hosted Solutions Workplace Strategy Users Ransomware Mobile Device Backup Small Business Microsoft Productivity Managed Service Quick Tips Passwords Saving Money Communication Cybersecurity Data Backup Smartphone Android Upgrade AI Disaster Recovery Data Recovery Business Management VoIP Smartphones Mobile Devices communications Windows Browser Social Media Microsoft Office Managed IT Services Network Current Events Tech Term Internet of Things Remote Automation Artificial Intelligence Facebook Information Miscellaneous Holiday Training Covid-19 Gadgets Cloud Computing Server Managed Service Provider Compliance Remote Work IT Support Outsourced IT Employee/Employer Relationship Encryption Spam Windows 10 Office Data Management Business Continuity Government Business Technology Windows 10 Blockchain Bandwidth Virtualization Wi-Fi Two-factor Authentication Mobile Office Vendor Data Security Apps Mobile Device Management Tip of the week Chrome Gmail Budget WiFi Apple Networking App Employer-Employee Relationship BYOD Managed Services Voice over Internet Protocol Avoiding Downtime Access Control Marketing Office 365 HIPAA Applications How To BDR Computing Hacker Conferencing Information Technology Healthcare Website Health Analytics Office Tips Augmented Reality Retail Storage Password Bring Your Own Device Router Big Data Managed IT Services 2FA Help Desk Operating System Computers Virtual Private Network Risk Management Printer Telephone Paperless Office Infrastructure Cooperation Free Resource Project Management Windows 7 Firewall Document Management Microsoft 365 Solutions The Internet of Things Scam Data loss Social Going Green Patch Management Windows 11 Save Money Monitoring Remote Monitoring Vulnerability End of Support Customer Service Vendor Management Cybercrime Excel Physical Security Remote Workers Display Computer Repair Downloads iPhone Virtual Desktop Licensing Data storage LiFi Vulnerabilities Word Entertainment Data Privacy Outlook Machine Learning Money Images 101 Humor Telephone System Multi-Factor Authentication Mobility Cost Management Safety Maintenance Antivirus Sports Mouse Employees Integration Administration User Tip Modem Mobile Security Processor Robot Holidays Customer Relationship Management Settings Data Storage Printing Wireless Smart Technology Supply Chain Video Conferencing Content Filtering Managed Services Provider Hacking IT Management Professional Services Presentation VPN YouTube Meetings Saving Time Virtual Machines Cryptocurrency Managed IT Service Wireless Technology Download Net Neutrality Alerts SQL Server Technology Care IP Address Google Docs Unified Communications Experience Running Cable Tech Support Financial Data History Business Communications Bitcoin Network Management Break Fix Scams Google Wallet Browsers Smartwatch Monitors Connectivity IT Upload Procurement Azure Hybrid Work Recovery Laptop Websites Social Network Telework Cyber security Multi-Factor Security Tech Human Resources Hard Drives Windows 8 Dark Web Cables Domains Drones CES IoT Communitications Trends Supply Chain Management SharePoint Electronic Medical Records Halloween Customer Resource management FinTech Regulations Google Calendar Term Google Apps Refrigeration Microsoft Excel IT Maintenance Public Speaking Lenovo Data Analysis Writing Star Wars IT Assessment Virtual Reality Gamification Flexibility Staff Value Business Intelligence Lithium-ion battery Hacks Server Management Entrepreneur Scary Stories Private Cloud Organization Social Networking Legislation Shortcuts Ransmoware Superfish Identity Theft Fileless Malware Digital Security Cameras Fun Smart Devices Twitter Content Remote Working Wearable Technology Memory Vendors Deep Learning Undo Error Health IT Motherboard Data Breach Comparison Google Play Be Proactive Permissions Workforce Education Directions Videos Social Engineering Assessment Electronic Health Records Remote Computing Wasting Time Threats Mobile Computing Trend Micro Specifications Security Cameras Workplace Strategies Fraud Meta Tablet Microchip Search Internet Exlporer Software as a Service Alert Username Managing Costs Amazon Application Best Practice Managed IT Buisness File Sharing Dark Data eCommerce Black Friday SSID Virtual Assistant Outsource IT IBM Legal IT solutions How To Database Surveillance Notifications IT Technicians Virtual Machine Environment Media Business Growth Travel Proxy Server Reviews Cookies Cyber Monday Medical IT Hotspot Transportation Small Businesses Techology Google Maps Cortana Tactics Development Mirgation Hypervisor Displays Alt Codes Competition Downtime Unified Threat Management Shopping Nanotechnology Optimization PowerPoint Addiction Language Employer/Employee Relationships Outsourcing Unified Threat Management Hosted Solution Management PCI DSS Chatbots Navigation Typing Distributed Denial of Service Workplace Gig Economy Network Congestion Screen Reader Service Level Agreement Internet Service Provider Computing Infrastructure Teamwork Hiring/Firing Google Drive User Error User Knowledge Regulations Compliance Identity Evernote Paperless Co-managed IT Point of Sale Bookmark 5G Smart Tech Memes

Blog Archive

2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015