https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

Security


Shutterstock

Data Theft Hacker

SolarWinds Cyberattack Likely Affected Thousands Worldwide

  • Written by Edward Gately
  • December 16, 2020
The hackers inserted malicious code into SolarWinds' Orion software updates.

The massive SolarWinds cyberattack no doubt will prompt considerable short-term fallout in terms of customers, revenue and reputation.

That’s according to Eric Parizo, senior analyst with Omdia. The SolarWinds cyberattack resulted from a software vulnerability.

The hackers inserted malicious code into SolarWinds‘ Orion software updates sent to nearly 18,000 customers. It existed in updates released between March and June of this year.

This led to security breaches at numerous U.S. government agencies. Those include the Treasury Department, the National Telecommunications and Information Administration (NTIA) and the Department of Homeland Security (DHS). The attacker also breached SolarWinds’ corporate clients.

Emergency Directive

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive. It calls on all federal civilian agencies to review their networks for indicators of compromise. Furthermore, it instructs them to disconnect or power down Orion products immediately.

The Cozy Bear hacking group, which U.S. authorities suggest gets backing from Russian state intelligence, likely performed the SolarWinds cyberattack.

According to FireEye, the intrusion began as early as spring 2020. The security research firm announced Dec. 8 that the crime had impacted some of its customers. FireEye on Sunday released a report detailing the subdomain and malware that the threat actors used. FireEye, which has investigated numerous high-profile data breaches, fell victim to the attack.

Wake-Up Call

Nigel Thorpe is technical director at SecureAge. He said the SolarWinds cyberattack is “totally a wake-up call” for cybersecurity providers.

SecureAge's Nigel Thorpe

SecureAge’s Nigel Thorpe

“This incident shows people just how disruptive a well-planned supply chain attack can be,” he said. “These types of attacks are actually quite common and vendors are a frequent jump point for bad actors looking to infiltrate a business’ network. This one was particularly destructive, however, because of how stealthily and precisely it was carried out. That said, I think this put a lot of people on guard moving forward. And the preemptive measures … will only become more prevalent as businesses assess and reassess existing relationships with third-party vendors.”

It’s difficult to say whether the attack could have been prevented, Thorpe said. But it highlights the need to have protocols in place in case one happens.

Experts surmise if the attackers opted to extract huge swaths of data at once to peruse later, they would have likely raised red flags in the government systems, he said.

“They had to remain stealthy and exact, indicating that their approach was more about the quality of data stolen, rather than the quantity,” Thorpe said.

Extremely Targeted Attack

John Pagliuca is president of SolarWinds MSP.

SolarWinds MSP's John Pagliuca

SolarWinds MSP’s John Pagliuca

“We have been advised this attack was likely conducted by an outside nation state and intended to be a narrow, extremely targeted and manually executed incident, as apposed to a broad, systemwide attack,” he said. “At this time, we are not aware of an impact to our RMM, N-Central and associated SolarWinds MSP products.”

SolarWinds uses Microsoft 365 for its email and office productivity tools. An attack vector was used to compromise its emails. Furthermore, it may have provided access to other data contained in its office productivity tools.

Both SolarWinds and Microsoft have …

  • Page 1
  • Page 2
  • Page 3
Tags: MSPs Best Practices Channel Research Mobility Networking RMM/PSA Security Specialty Practices Technologies

Related


  • Two cloud-shaped hands shaking among other clouds in the sky.
    IBM Buys Cloud MSP Taos for Expertise in AWS, Azure, Google
    Channel partners will be able to take advantage of the combined companies’ hybrid cloud capabilities.
  • Ransomware and malware
    Help Your Customers Mitigate Malware: Viruses, Worms, and Trojans…Oh My!
    With the right antivirus protection, your customers can better detect and prevent the spread of malware.
  • Pax8 Kicks Off European Expansion with Launch of Pax8 UK
    Cloud distributor Pax8 leverages its recent Wirehive acquisition to launch Pax8 UK.
  • Network monitoring and management
    Malwarebytes Enhances OneView to Help MSPs' Security Business
    Security is an increasing concern for MSPs, particularly amid COVID-19.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • SMBs’ Cybersecurity Risk Awareness Is Rising
  • Carbonite® Backup for Microsoft 365
  • Security Tips for Protecting your Backup Servers
  • SADA SaaS Alliance Aims to Give Members ‘the Best Opportunity to Grow’

Galleries

View all

New, Changing Partner Programs: AWS, Tech Data, Avaya, Verizon

January 11, 2021

Industry Perspectives

View all

Cyberattacks: Threat Hunters Conquer Unpredictability with 3 Measures

January 21, 2021

The Right Data Migration Tool Helps Schools Move to Cloud During COVID Crisis

January 19, 2021

Cloud-Based CRM: What SMBs Need to Know about Backup and Recovery

January 19, 2021

Webinars

View all

Who’s Behind the Mask? Hacker Personas Explained

January 26, 2021

Your Network Perimeter Has Changed

February 18, 2021

How Managed Hosting Providers Thrive with the Alternative Cloud

February 24, 2021

White Papers

View all

Why Subscription Business Model

January 15, 2021

The Ultimate MSP Guide to Sales Efficiency

January 14, 2021

Eight Reasons Why MSPs Need IT Industry-Specific Sales Tools

January 14, 2021

Upcoming Events

View all

Channel Partners Virtual

March 2, 2021 - March 4, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

Adding #AIOps and #AI-driven WANs will help IT administrators move forward, says @MistSystems.… twitter.com/i/web/status/1…

January 22, 2021
ChannelFutures

Microsoft taps @tybryson as corporate VP @msuspartner group @julwhite heading to SAP, @anderson to @Qualtrics.… twitter.com/i/web/status/1…

January 22, 2021
ChannelFutures

#MSPs can inject predictability into #threathunting @Sophos #cybersecurity #ransomware dlvr.it/Rr4ffV https://t.co/Bztc2Yxwvc

January 22, 2021
ChannelFutures

.@RiskBased report shows decrease in #databreaches, jump in exposed records in 2020. dlvr.it/Rr4fcW https://t.co/PYiDMiJFbt

January 22, 2021
ChannelFutures

Legal experts say @VMware's #lawsuit against @nutanix's new CEO holds little weight. dlvr.it/Rr48FJ https://t.co/oLxPhgvgAt

January 21, 2021
ChannelFutures

bit.ly/2Y0kFZh twitter.com/Craig_Galbrait…

January 21, 2021
ChannelFutures

Our latest #Cybersecurity Roundup features @BitSight and @kovrrIns, @Vectra_AI and @AppOmniSecurity,… twitter.com/i/web/status/1…

January 20, 2021
ChannelFutures

.@solarwinds hackers target @Malwarebytes, impacting internal emails. #cybersecurity dlvr.it/RqzkZp https://t.co/aWqLjCCW9y

January 20, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X