FireEye and SolarWinds Data Breach: News and Implications


In light of the disastrous FireEye and SolarWinds data breach, companies around the world are desperate to improve their cybersecurity and avoid the same fate. 

As the year that no one expected comes to a close, network management company SolarWinds is watching its worst nightmare unfold: the effects of a massive data breach that impacted over 18,000 businesses and organizations.

In just one week, the strength of all U.S. organizations’ cybersecurity has come completely into question. Security firm FireEye suffered a disturbing malware attack in which malicious code was embedded into software that tech firm SolarWinds provides to its customers.

According to SolarWinds’ disclosure of the breach on December 13th, this malicious code infected a service that offers software updates for the company’s Orion products. These products are used by 33,000 of their customers, including U.S. federal government departments and Fortune 500 companies.

On the same day as SolarWinds’ announcement, FireEye released an extensive publication detailing the malware infrastructure used in the SolarWinds attack, suggesting that SolarWinds actually had evidence of the breach (or the potential for it) back in March and insinuating that the FireEye breach was caused by SolarWinds’ lack of response.

In addition, because confidential government information was compromised in the attack, the aftermath of the breach is likely to take a devastating toll on SolarWinds. The litigation processes that are certain to ensue could lead to major non-compliance consequences that may be insurmountable for the tech firm. 

Since news of the breach, Microsoft has taken control of one of the primary domain names used by the hackers to try to glean information about which organizations were affected. Microsoft officials have categorized the attack as “a broad and successful espionage-based assault on both the confidential information of the U.S. Government and the tech tools used by firms to protect them.” The sophistication of the attack has many companies reeling, trying to determine how to better secure their infrastructures.

Even more worryingly, the impacts of the breach go beyond the 18,000 customers directly affected, and will impact several countries outside of the U.S. It’s true that government espionage is no new trend; however, according to Microsoft, the hackers in the SolarWinds breach used techniques that have jeopardized the technology supply chain on a global scale. Their methods show that these attackers not only knew—potentially even earlier than March of this year—that Orion customers were worth targeting, but also which specific customers would be the most valuable targets.

Ultimately, the ramifications of this targeted attack are just beginning to unfold. And while it isn’t yet clear exactly how many organizations have actually been affected by the breach, it’s no surprise that many companies are questioning the efficacy of their cybersecurity measures. In 2021, it will be critical for organizations globally to reevaluate their security and consider more reliable strategies. 

Novustek’s Industry-Leading Cybersecurity 

Fortunately, Novustek does not employ the impacted SolarWinds software, so our customers have remained unaffected by the breach. In addition, Novustek is one of the leading cybersecurity experts and works to continually develop robust solutions for our customers. We now have the ability to scan networks for the presence of the tools used in this attack to ensure our customers’ systems remain unharmed by the sophisticated malware used by these hackers.

Learn more about Novustek’s cybersecurity services and how they can protect your business.