On December 13th, 2020, software company SolarWinds confirmed that they had been the victim of a data breach in which hackers infected their systems with malware, impacting around 18,000 customers.
As the unprecedented year of 2020 comes to a close, network management company SolarWinds is just stepping foot into their worst nightmare—a long journey of cleaning up a massive data breach.
According to SolarWinds, malicious code infected software updates for the company’s Orion products, which are used by 33,000 of their customers, many of which are large corporations and even organizations within the US federal government. Since then, sources have come out saying the hackers infiltrated networks and confidential email communications within the US Treasury, Commerce, and Homeland Security departments.
As more information comes to light regarding the breach, SolarWinds confirmed that around 18,000 of those 33,000 Orion customers potentially installed a version of the product containing the malicious code. Included in these 18,000 customers are the company’s Microsoft Office 365 accounts.
Additionally, news continues to circulate regarding the attack that hit cybersecurity firm FireEye less than a week prior to SolarWinds’ announcement of the breach. On the same day as SolarWinds’ announcement, FireEye disclosed that the malware infrastructure used in the SolarWinds attack substantiated that the Orion products had actually been compromised back in March of this year, and almost certainly led to the FireEye breach.
The aftermath of the breach—which is still unfolding and will likely include several lawsuits—could have a potentially irreparable impact on SolarWinds. The legal consequences of the attack revolve around whether or not SolarWinds knew about the breach (or the possibility of one) earlier than they let on and responded inappropriately.
Furthermore, the fact that government agencies and their highly sensitive information were compromised in the breach could put the company at risk of major non-compliance consequences. And with Orion customers having contributed to about 45% of the company’s total revenue and stock prices plummeting, it’s not looking good for the longevity of SolarWinds.
Meanwhile, Microsoft has taken over one of the main domain names used by the hackers and is working to gather information regarding which SolarWinds customers were affected. With this domain access, Microsoft will likely be able to discover if any organizations are still trying to ping the domain, but they may still face obstacles with companies having shut off the Orion software completely.
While it’s still unclear how many organizations have actually been affected by the breach, it’s no surprise that many companies are on edge regarding their cybersecurity and its efficacy. In 2021, it will be more important than ever for companies of all sizes and industries to reevaluate and improve their cybersecurity. Fortunately, iTology is continually monitoring and patching our customers’ systems to ensure their data is kept safe. Additionally, we do not utilize the SolarWinds platform, so all iTology customers are unaffected by the breach.