You are here: Blog Josh Coppage Your Computer May be Older than You

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Print

Huge Cybersecurity Breach Affecting Major U.S. Organizations is the Biggest One Yet

Voyage Technology Blog Alerts
0 Comments
Huge Cybersecurity Breach Affecting Major U.S. Organizations is the Biggest One Yet

Honestly, it shouldn’t be surprising that 2020 has come to an end with news of a massive cyberespionage attack—the biggest ever, as a matter of fact. Let’s dive into what we know, and what it signifies.

 How Did the Attack Happen?

In short, an IT management company known as SolarWinds was breached back in March, affecting a massive number of organizations—18,000 in all. These organizations include the likes of Microsoft, Cisco, and FireEye, as well as many states and federal organizations, including:

  • The U.S. Department of State
  • The U.S. Department of the Treasury
  • The U.S. Department of Homeland Security
  • The U.S. Department of Energy
  • The U.S. National Telecommunications and Information Administration
  • The National Institutes of Health, of the U.S. Department of Health
  • The U.S. National Nuclear Security Administration

When the attackers gained access to SolarWinds’ network, they were able to use what is known as a supply chain attack to introduce their malware to these departments and organizations by pushing it through the company’s automatic software update system for their Orion products. These kinds of attacks can be particularly effective since the threat is introduced to an environment via a trusted application.

Making this situation worse, many SolarWinds customers had excluded Orion products from their security checks on SolarWinds’ recommendation to prevent their other security products from shutting them down due to the malware signatures that these security products contain.

While (at the time of this writing) it is unclear what the attackers responsible used this access to do, the potential ramifications are truly terrifying. While government departments were targeted, it also needs to be said that this attack could have potentially continued from the major providers like Microsoft and Cisco to their clients, and so on and so forth. That’s why there is still no estimate of this attack’s true scope.

This attack was seemingly only discovered when an employee at FireEye received an alert that their VPN credentials had been used from a new device, and a little digging revealed the much larger situation playing out.

This Wasn’t the Only Attack, Either

Another attack was also discovered on SolarWinds’ network when the company performed an internal audit of its systems. On December 18, a second malware was found to have used the same tactic to infiltrate SolarWinds, but as of this writing does not seem to come from the same source.

What This Needs to Teach Us

Frankly, the most important lessons to be learned here are painfully obvious. First off, cybersecurity needs to be prioritized above all else, and all potential threats should be considered a likelihood. After all, the U.S. government was warned about the viability of exactly this kind of threat back in 2018 by the Government Accountability Office.

Secondly, the concept of your employees being a huge part of your cybersecurity strategy needs to be reinforced. This was only discovered when an employee was alerted of unusual activity and took that alert seriously. Your team needs to know what they are looking out for, and how to proceed if they spot it.

It is going to be some time before it becomes clear how deeply this threat went, assuming it ever does. Regardless, we want you to remember that Voyage Technology is here to help protect your business from as many IT issues as possible so that you can be more productive. To find out more about what we offer, give us a call at 800.618.9844 today.

Tweet
Tags:
Security Network Security Vendor
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 06 May 2026

Captcha Image

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Data Business Computing Business Productivity Software Innovation Hackers Cloud Efficiency Hardware Network Security User Tips Internet IT Services Malware Phishing IT Support Privacy Google Email Workplace Tips Computer Workplace Strategy Backup Collaboration Small Business Hosted Solutions Users Ransomware Managed Service AI Mobile Device Productivity Microsoft Quick Tips Passwords Saving Money Communication Cybersecurity Data Backup Smartphone Disaster Recovery Data Recovery Android Upgrade VoIP Business Management Smartphones Mobile Devices communications Windows Social Media Browser Microsoft Office Managed IT Services Network Current Events Tech Term Remote Internet of Things Information Miscellaneous Holiday Automation Artificial Intelligence Facebook Cloud Computing Training Covid-19 Compliance Gadgets Server Managed Service Provider IT Support Remote Work Outsourced IT Encryption Spam Employee/Employer Relationship Office Windows 10 Government Data Management Business Continuity Blockchain Vendor Wi-Fi Business Technology Windows 10 Bandwidth Virtualization Apps Managed Services Two-factor Authentication Mobile Office Data Security Employer-Employee Relationship Voice over Internet Protocol BYOD Mobile Device Management Tip of the week Chrome Gmail Budget WiFi Apple Networking App HIPAA Computing Hacker Physical Security Applications Information Technology Avoiding Downtime Access Control Marketing Office 365 Conferencing Password Managed IT Services How To BDR Operating System Computers Router Healthcare Virtual Private Network Risk Management Website Health Help Desk Analytics Office Tips Augmented Reality Retail Storage Bring Your Own Device Big Data 2FA Going Green Patch Management Save Money Excel Remote Monitoring End of Support Vulnerability Customer Service Vendor Management Remote Workers Cybercrime Display Printer Paperless Office Free Resource Infrastructure Project Management Windows 7 Monitoring Microsoft 365 Firewall Document Management Solutions Managed IT Service Telephone The Internet of Things Scam Data loss Windows 11 Social Cooperation Video Conferencing Robot Telephone System Customer Relationship Management Cost Management Managed Services Provider Professional Services Virtual Machines Settings Wireless Printing Content Filtering Hacking IT Management VPN YouTube Meetings Presentation iPhone Cryptocurrency Wireless Technology User Tip Modem Processor Computer Repair Mobile Security Vulnerabilities Virtual Desktop Data Privacy Data storage LiFi Images 101 Word Smart Technology Mobility Outlook Multi-Factor Authentication Machine Learning Money Saving Time Humor Safety Employees Maintenance Sports Integration Downloads Antivirus Mouse Licensing Entertainment Administration Holidays Data Storage Supply Chain Travel Social Networking Employer/Employee Relationships Outsourcing Legislation Techology Fileless Malware PCI DSS Google Maps Cortana Navigation Workplace Gig Economy Alt Codes Content Wearable Technology Internet Service Provider Downtime Unified Threat Management Motherboard Teamwork Hiring/Firing Comparison Competition Health IT Unified Threat Management Directions Regulations Compliance Hosted Solution Assessment Permissions Evernote Paperless Co-managed IT Typing Memes Net Neutrality SQL Server Technology Care Network Congestion Specifications Google Drive User Error Microchip User Financial Data Internet Exlporer History Knowledge Fraud Business Communications Scams Smartwatch Username IT Procurement Point of Sale Azure Hybrid Work 5G Black Friday IP Address Google Docs Telework Unified Communications Database Cyber security Experience Tech Human Resources Communitications Running Cable Tech Support IT Technicians Cables CES Bitcoin Network Management Google Wallet Proxy Server Supply Chain Management Cookies Monitors Cyber Monday Term Google Apps Recovery FinTech Tactics Hotspot IT Assessment Laptop Websites Mirgation IT Maintenance Hard Drives Windows 8 Domains Drones Flexibility Nanotechnology Value Business Intelligence Shortcuts SharePoint Organization Addiction Electronic Medical Records Language Smart Devices Halloween Chatbots Ransmoware Refrigeration Digital Security Cameras Management Public Speaking Lenovo Remote Working Screen Reader Memory Vendors Writing Distributed Denial of Service Google Play Be Proactive Lithium-ion battery Service Level Agreement Data Breach Virtual Reality Computing Infrastructure Entrepreneur Electronic Health Records Scary Stories Private Cloud Identity Workforce Videos Hacks Server Management Superfish Bookmark Identity Theft Smart Tech Wasting Time Threats Fun Security Cameras Workplace Strategies Deep Learning Download Trend Micro Twitter Alerts Software as a Service Error Meta Undo Browsers Education Connectivity Managing Costs Amazon Social Engineering Break Fix SSID Upload eCommerce Remote Computing Surveillance Virtual Assistant Outsource IT Multi-Factor Security Mobile Computing Social Network Tablet IoT Virtual Machine Environment Search Dark Web Media Medical IT Application Reviews Best Practice Trends Alert Development Buisness File Sharing Regulations Transportation Small Businesses Dark Data Google Calendar Managed IT Customer Resource management IBM Legal Data Analysis IT solutions Star Wars Hypervisor Displays How To Microsoft Excel PowerPoint Shopping Business Growth Gamification Optimization Notifications Staff

Blog Archive

2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015