With all the attention and coverage given to the pandemic and the associated financial crisis, it is easy to forget that other major stories impacted businesses in 2020. The year ended with headlines about a massive cybersecurity event, allegedly perpetrated by Russian actors and distributed by way of previously benign software updates from SolarWinds in a product called Orion – a “powerful and scalable IT management and monitoring platform.” It has been learned through the forensic investigation that the implanted malware was first introduced in October 2019 and lay dormant and undetected on the SolarWinds servers for months. Like asymptomatic victims of COVID-19, as many as 18,000 customers of SolarWinds had the malware and didn’t know it because nothing bad happened.
Beginning in March of 2020 the virus was instructed to do what viruses do – spread. And the method of distribution was the Orion software updates that SolarWinds customers count on to keep their technology current and guarded against the latest cyber threats. One customer, FireEye, supplies technology and tools to protect their clients, including many US government agencies and large businesses, against malware.
It was FireEye that first detected the attack when they investigated the theft of some of their own IT penetration testing tools. The notable thing about FireEye’s role in this cyber incident is their customer list. FireEye's software is used by some US government agencies and large businesses to protect their environments against cyberattack. The U.S. Cybersecurity and Infrastructure Security Agency revealed that “fewer than 10” Federal agencies have been affected by follow-on activities tied to the attack. In addition to U.S. Commerce, Homeland Security, State and Energy departments, other targeted organizations include Iowa State University and Hilton Grand Vacations. That’s a lot of trouble to get out of your time-share.
The lesson of this real-life parable is that cyber threats continue today and pose a greater threat to government and corporate computing environments than ever before. There are a lot of threats and challenges competing for the attention of business decision makers. But few of them can put you out of business as fast and fully as a cyber attack and an inadequate response.
About a year ago I wrote about the experience of GCommerce and their response to a ransomware incident. It took several days to recover fully from the incident and today the company is protected by multiple, redundant layers of security and protection. Also new are the multiple warm back-ups to enable full recovery from any future incident in hours – not days.
GCommerce President and CEO Steven Smith made good on his commitment to “pay it forward,” share lessons learned and shine a bright light on this terrible threat to the continuity, and even existence, of businesses of all sizes. An informative webinar was produced featuring cybersecurity experts from the aftermarket. The recording is still available freely at www.gcommerceinc.com/cybersecurity.
The longest lasting by-product of the cyber incident was for GCommerce to become a Lifetime Trustee of the University of the Aftermarket Foundation and the creation of a new class of scholarships for students studying in the fields of cybersecurity or information technology. The National Initiative for Cybersecurity Careers and Studies reports that the demand for cybersecurity experts is growing 12 times faster than the current U.S. job market. The U.S. Department of Commerce estimates there will be as many as 3.5 million unfilled positions by 2021. More information and the scholarship application can be found at https://uofa-foundation.org/
The largest security breach ever was discovered a few months ago and, ironically, capitalized on the tools and vulnerabilities of security software companies to spread. Take a few minutes away from COVID-19 matters and other challenges of today and ask really hard questions of your IT team about your cyber prevention and disaster recovery measures. Educate yourself and support the education of the next generation of leaders in how to deal with a completely different kind of virus infection.