After SolarWinds and FireEye Attacks – How Can You Avoid Hackers?

Hackers have been working overtime in 2020, and they decided to end the year with a bang. Not long after major security firm FireEye announced hackers had infiltrated them, the relatively unknown business SolarWinds found itself in the middle of a global attack against the U.S. government.

How SolarWinds Became the Center of Global Attack

If you’ve never heard of the company SolarWinds before, you’re not alone. The Austin-based company is not a well-known entity. And that, apparently, is partly why Russian hackers turned it into a target.

Despite its obscure profile, SolarWinds provides software that manages devices to over 300,000 customers around the world. Those customers include U.S. agencies and many Fortune 500 companies. It’s much easier to hack a company like SolarWinds than it is to infiltrate a U.S. government agency.

Dmitri Alperovitch, co-founder and former CTO of the cybersecurity firm CrowdStrike, told NBC News:

It’s a company that’s got remote access to hundreds of thousands of organizations around the world, including some of the biggest companies and the most critical government agencies. And by simply compromising them, you immediately open up the door to all these targets.

SolarWinds released a statement saying it was the victim of a “highly-sophisticated, targeted . . . attack by a nation-state.”

 

solarwinds
The U.S. government issued a warning to all clients of SolarWinds. | Source: Twitter

Those sentiments were echoed by FireEye last week, leading experts to deduce that both companies were targeted in a wide-scale attack by Russian hackers.

How Small Businesses Are Affected

While most small businesses don’t operate on the scale of a FireEye or SolarWinds, that doesn’t mean they aren’t affected. After all, each of these companies’ clients now has to worry about protecting themselves.

FireEye recently posted this tweet about the increased risk of cyber attacks:

John Scott-Railton, a senior researcher at Citizen Lab at the University of Toronto’s Munk School of Global Affairs and Public Policy, told The Washington Post:

This is a big deal, and given what we now know about where breaches happened, I’m expecting the scope to grow as more logs are reviewed. When an aggressive group like this gets an open sesame to many desirable systems, they are going to use it widely.

Ways Small Businesses Can Bolster Their Security

Hopefully, a nation-state of Russian hacking experts doesn’t have your business in their sights.

But regardless of who may have their eye on your company, there are small steps you can take to raise your level of security.

First, if you’re a customer of either of the aforementioned businesses, be sure to visit FireEye’s GitHub site to download the countermeasures to its breach.

Next, you can utilize various services to determine whether or not any accounts have actually been hacked.

If your office utilizes the same software company-wide, such as Microsoft Outlook or Office, take the proper steps to ensure those programs’ security.

Often, the first line of defense is a strong password for business-related accounts. There are a surprising amount of mistakes people make when trying to create a strong password. Any accounts containing sensitive material should require varied passwords containing at least 16 characters.

Check out this video on strong passwords:

How to Create a Strong Password

Likewise, any sensitive accounts should enlist the added layer of protection accessed with the use of 2-factor authentication (2FA).

And the most proactive step any small business with sensitive information can take is to hire a team of experts to look out for them.

Hacked.com offers these services and more. Be sure to check out our plans listed below, or feel free to scan our site for a wide array of free advice.

Featured image by BalkansCat from Shutterstock. 

Aaron Weaver
Aaron Weaver is the Head of Content for Hacked.com. He has over 15 years of journalism experience. As a tech-savvy editor and researcher, he prides himself on journalistic integrity by providing cutting edge data backed by the latest science.

[email protected]

Phone support: +1 334 625 9990
7AM-7PM CDT weekday, 8AM-3PM CDT Saturday
We are not able to answer all calls.
For a guaranteed response, please use email or schedule a call with us here.




We have been recommended to clients by employees at FBI and local law enforcement in the United States. For references, please send us an email.






         



Read all of our reviews here.