Cybersecurity , Cybersecurity
What You Should Know About the SolarWinds Hack
By Chris Griesemer
I follow Kim Zetter (@KimZetter) on Twitter. She is a cybersecurity journalist and gave a good explanation of what is known so far with the SolarWinds hack. To start with, SolarWinds provides IT infrastructure management software which helps manage and monitor the performance of an organization’s IT environments. According to their website, they provide IT Asset Management, IT Security Solutions, Compliance Solutions and Database Management, to name just a few. Kim explained SolarWinds software is used at some of the highest levels of government, including the White House and the National Security Agency. It is believed SolarWinds was compromised by hackers inserting malicious code into SolarWinds applications without them knowing about it. Once infected, it opened a backdoor into the system and allowed the hackers to begin stealing sensitive data on those networks. Apparently, this happened back in March and their activity was just recently discovered, so for the past 9 to 10 months, it is believed the nation-state of Russia has been inside Government systems stealing data and spying on Government workers without anyone knowing about it. SolarWinds has a very lengthy customer list.
According to their website, they service more than 425 of the US Fortune 500 companies; all five of the top five US accounting firms, hundreds of Universities and Colleges. On top of these industries, SolarWinds’ website shows they provide services to Cisco, Fiserv and Symantec. According to Kim, this was a national security hack focused on high level targets or data. It is possible a citizen’s personal data could have been compromised, but right now, it is believed the target was high up government officials. She also says there is still a lot that is unknown. Right now, an inventory of all applications should be performed to see if SolarWinds or a customer of SolarWinds is providing services to your organization. Once identified, contact those companies and find out what they are doing to identify any possible security breaches. Next, contact your IT department, or if you are using a 24/7 monitoring service, you need to find out if they are aware of the SolarWinds hack and what they are doing to increase monitoring of their clients. As more information is discovered, The Whitlock Co will continue to keep you updated. Please let us know if you have any questions.

View Similar Blogs
Other blogs about cybersecurity and your business
Our Cost Accounting Services and How They Lead to Actionable Profit Strategies
Do you understand how costs affect your business strategy? The Whitlock Co. leverages our cost accounting expertise to help you analyze expenses. We give you the data you need to make...Minimize Errors, Maximize Accuracy With Our Accounts Payable and Receivable Management Services
The Whitlock Co. provides expert guidance to help businesses make informed decisions about their financial health. One thing we do is optimize accounts payable and receivable management and make...Understanding Our Audit and Assurance Services
When The Whitlock Co. performs audit and assurance services for your business, we deliver a thorough evaluation. This enhances trust and reliability in your financial reporting. The goal is to...