- Posted by Alliance Technologies
- On January 6, 2021
On Sunday, December 13, 2020, US Federal Agencies identified multiple data breaches that were traced back to a vulnerability in a third-party software package, SolarWinds Orion, used to manage IT infrastructure. Since then, more information has continued to emerge on a daily basis.
Impact to your Organization
While none of our clients use the SolarWinds Orion software platform, Alliance Technologies is continuing to monitor the potential security implications of possible breaches involving companies and government agencies that do use this software platform. One such company is Microsoft, which has identified that the hackers may have had at least some access to VIEW key source code.
Microsoft has taken swift and decisive action against this attack by making changes to its Windows Defender AV product that is built into Windows, removing digital certificates used by the compromised files, and taking over one of the domains that the malware uses for command and control via a legal/technical method called sinkholing.
A highly publicized security breach should always serve as a good reminder to review your company’s IT security stance and to also encourage your staff to develop and practice good IT security habits through Security Awareness Training.
Alliance Technologies, LLC recommends these security best practices:
- Keep Windows 10 PCs current with the latest OS and antivirus/malware updates and patches.
Note: Alliance Technologies actively manages & maintains updates on PCs covered under our Invision Managed Services. If your organization is not a part of our Invision Managed Services platform, please speak to your account manager.
- Upgrade or replace all possible legacy Windows 7 PCs with Windows 10 Pro/Enterprise. Windows 7 is no longer supported by Microsoft as of January 2020 and consequently no longer receives security updates or patches.
- Upgrade or replace all possible legacy Windows 2008 Servers with Windows 2016 or higher. Windows 2008 is no longer supported by Microsoft as of January 2020 and consequently no longer receives security updates or patches.
- Keep macOS computers current with the latest OS and antivirus/malware updates and patches.
- Keep all iOS and Android smartphones, tablets and other devices current with the latest updates and patches.
- Implement Multi-Factor Authentication (MFA) where possible to secure access to online services such as Microsoft 365 (Office 365), web sites/systems, etc. For Alliance Technologies CSP Clients, your Account Manager will be reaching out to you soon to discuss configuring MFA for your team.
- Deploy a proven active Endpoint Protection security platform on all PCs. Alliance Technologies recommends SentinelOne. Our Account Management team can help guide you through the correct solution, such as our Inforce CyberSecurity
- Contact your Account Manager to schedule a network & security assessment of your corporate IT infrastructure and take steps to remediate deficiencies and/or implement suggestions offered as part of the assessment report.
- Ensure that your staff are adequately equipped to understand their critical role as part of your company’s overall IT security. Alliance Technologies provides Security Awareness Training as part of our Inforce CyberSecurity Program which will help your staff develop a consistent IT security mindset.
- Alliance Technologies can help you implement strong security frameworks like NIST’s CyberSecurity Framework to ensure your critical infrastructure is secure, reducing the risk to your team.
Who to contact with questions or concerns
If you would like more information, reach out to your account manager or visit our contact us page.
The links below provide a lot of detail regarding the breach.
- Security Advisory FAQ | SolarWinds
- Microsoft Internal Solorigate Investigation Update – Microsoft Security Response Center
- Microsoft, FireEye confirm SolarWinds supply chain attack | ZDNet
- SolarWinds Orion Security Breach: Cyberattack Timeline and Hacking Incident Details – ChannelE2E
- Here’s why it’s so dangerous that SolarWinds hackers accessed Microsoft’s source code – BGR (ampproject.org)
- NIST Cybersecurity Framework (CSF) | GSA