Most businesses are confident their IT department or third-party provider will deliver expert cybersecurity that protects their network from any unwanted intrusions. Unfortunately, this is often not the case. At the same time, companies are using more technology to run their business, relying on applications for accounting, HR and operations.
These suppliers become an integral part of your security posture. If you do not take steps to secure these tools and work with an IT security provider you can trust, it can become just as much of an issue as employees opening and replying to phishing emails.
As the events of the SolarWinds breach unfolded, it underscored how vulnerable any organization is to a cyberattack, even when working with IT professionals.
What Happened with the SolarWinds Breach?
SolarWinds provides IT management software that monitors network performance, configuration and bandwidth. Organizations can acquire these applications independently or through their managed IT services provider.
The SolarWinds Orion platform was breached when a state-sponsored hacker group embedded a trojan into the software, which would download and activate when the software was installed on new servers and networks. The breach infected organizations ranging from small businesses to large corporations and government agencies.
Once the software was installed on IT systems, the trojan provided the hackers with access to whatever network it was installed on to observe activities and data on that network. This allowed further infiltration, such as gaining passwords to more secure networks and monitoring behavior to conduct more accurate social engineering scams.
This breach was particularly noteworthy because the list of victims continues to grow. Over 18,000 organizations may have downloaded the trojan, according to SolarWinds. A recent list published by cybersecurity researchers determined that IT and professional services firms like Cisco, Deloitte and Belkin were among those impacted, increasing the likelihood of second-tier victims or victims who did not directly download the virus but were attacked (and in some cases, successfully breached) because their vendor had this malware on their networks.
Can You Trust Your IT Provider?
One of the most critical lessons learned from this attack is the clear importance of vetting your vendors. This is often overlooked, except when you have a cybersecurity-focused third-party IT provider. For many organizations, the software was installed on the recommendation of their IT services company or internal IT department. While it’s not always possible to avoid these kinds of threats, it is imperative to work with a cybersecurity company that manages all your vendors, is in front of cybersecurity alerts and quickly responds with the correct removal and remediation measures when necessary.
Failing to have a good cybersecurity team can result in:
- Prolonged attacks on your networks and systems
- Cybercriminals accessing company email and private records
- Malicious characters conducting social engineering scams and stealing money from you or your clients
- The introduction of devastating malware on your systems
- Compliance violations, fines and lawsuits for the breach of confidential data
These types of breaches can hurt your relationship with customers and employees alike. It damages the reputation of your business. Your clients want to know that the wealth of information people entrusted you with – such as full names, addresses, credit card numbers and social security numbers – is safe in your hands. In turn, you must make sure you work with an IT security team you are confident you can trust.
The managed service providers you work with should be security focused. For example, if you use SolarWinds and your IT team has not yet contacted you, they don’t have your security at the forefront of their minds.
What Should Companies Do If They Have SolarWinds Orion?
Keep in mind that SolarWinds sells a variety of products, but the only one that customers need to concern themselves about is the product called Orion. If you have that specific product, then you need to uninstall it until an expert verifies that the security issues have been successfully resolved. Without uninstalling the software, the criminals will continue to have backdoor access to critical systems such as payroll and HR. As a business owner, you would never know they were there. Fortunately, uninstalling the software resolves the problem for most companies.
Clients who work with DiamondIT for cybersecurity will have access to our protective services to ensure any malicious actors are removed from their network. We run the typical scans to check for any signs of malware left behind. We further protect our clients with software that scans behavior patterns and alerts us when there are unusual activities. For our customers, this means an additional level of protection, as we find hidden malware that might get past other detection systems.
Staying on Top of the Latest Developments
A core part of working with a cybersecurity expert lies in having someone dedicated to remaining up to date on the latest developments in the world of network security. Simply knowing that breaches, like the SolarWinds event, took place can give businesses the chance to react and take steps to protect themselves.
It can be easy for people not directly involved in IT to forget about their vendors or think that, if they are small, they are not at risk of a cybersecurity attack. Working with a cybersecurity-focused IT partner offers protection at an affordable cost.
Fight Cybercriminals Using Tools in your Microsoft Subscription
Your IT expert will manage and utilize the cybersecurity tools in your Microsoft Modern Workplace, like unified endpoint management. This powerful tool reigns in security for all the phones, laptops, and tablets your organization uses. Through a centralized control system, your IT security expert can track, monitor, update and even lockdown devices. Your partner will also turn on the right identity protection, preventing unauthorized access to sensitive information. Threats will be proactively monitored and hunted, shutting the cybercriminals out of your organization.
Get More with DiamondIT
With DiamondIT, businesses can trust us to provide security-focused IT services, protecting their business networks and computer systems. We are your IT security guard, providing assessments, planning, scanning, cybersecurity-awareness training and security maintenance to keep your systems running safely. Find out how secure you are with our technology gap assessment.