The federal government has recently made news by revealing that multiple government agencies and private enterprises working with the federal government have been targets of a persistent (and possible state level) cyber-attack.  The U.S. Government’s cybersecurity arm, Cybersecurity and Infrastructure Security Agency (CISA), has revealed that, as early as at least March of 2020, agencies – including the Department of Energy, the U.S. Treasury and Commerce departments, the National Nuclear Security Administration, and private entities who work with these agencies, namely SolarWinds and FireEye – were targets of these attacks.

CISA has stated that thwarting these attacks will be highly complex and require persistent and ongoing action.  Malware, which has been found to be running within these agencies, appears to have only been isolated to business networks. They report that no mission essential security functions have been compromised. Action was taken on any vulnerable software at the DOE to mitigate risk, and all software identified as being vulnerable to these attacks were disconnected from DOE networks.

How the Attack Took Place

SolarWinds is a popular company amongst government agencies and private enterprises, which incorporates a network monitoring solution product known as Orion.  Orion provides centralized monitoring across an organization’s entire IT stack including computers and servers.  Hackers were able to sneak malicious code onto the Orion product’s updates.  The new updates were then downloaded by organizations using the Orion product, thus, infecting their network.  SolarWinds reports that up to 18,000 of its customers had downloaded the software.

The malware gave hackers remote access to an organization’s networks including internal emails.  This opens up the possibility of confidential data being compromised including passwords shared via email, financial records, and any other private information that may flow from email to email.

Another company, FireEye, was also reported as targeted by cyberattacks resulting in the theft of highly sophisticated digital tools.  FireEye is a popular company that both government agencies and private entities use in helping secure their networks or identify breaches that have taken place in their own networks.  FireEye CEO, Kevin Mandia, stated that this attack differed from tens of thousands of incidents they have responded to over the years.  The tools that were stolen from FireEye are used to simulate sophisticated cyber-attacks and help find vulnerabilities in networks.

Ways to Protect Yourself Going Forward

So far, U.S. officials are not stating who they believe was behind the recent cyberattacks of these private entities or federal agencies.  They do state, however, that they believe these hacks to be perpetrated by highly sophisticated hackers with state-level backing.

You can protect yourself and your company’s private information by following a few key rules:

  1. Keep your computers and software up-to-date. This is the easiest way to prevent malware from exploiting your computers. Companies, like Apple and Microsoft, are always searching for vulnerabilities in their software and will often release updates to patch these holes to make their software more secure.
  2. Use a well-known ant-virus to detect and prevent malicious software from attacking your computer. Anti-virus software that is kept up-to-date can detect and remove infections before they become problematic on your system, and network.
  3. Always keep a backup, and, if possible, have an off-site backup as well. Keeping a backup of your data can help you roll back in case of disaster, or malicious attacks that render your computer unusable.
  4. Be mindful of phishing scams that may come through e-mail. Check the headers of any emails that you don’t recognize or that are asking for certain information.  Ensure that any links that are provided to you in an e-mail are valid by hovering your mouse pointer over them to reveal the full URL of where it’s taking you.
  5. Work with a Managed IT Solutions provider (like Natural Networks) who can help monitor your systems and ensure they are up-to-date and not infected. Managed IT services can help keep your computers running securely, and ensure they are being backed up regularly.

If you’re interested in learning more about daily IT trends, check out our blog. For more information about how a managed IT provider can help your business, give us a call today.