By Danielle Cerny, Sharp Electronics – Recently, SolarWinds, a company that produces a network and applications monitoring platform called Orion, was compromised. A successful cyberattack that injected malicious code into the software gave the hackers access to SolarWinds’ customer data. The attackers used several techniques to remain undetected while they accessed SolarWinds’ network and implemented a back door to their end-users’ systems. This well-orchestrated attack was aimed not only at SolarWinds but also many other organizations in a cascading fashion.
It is easy for smaller companies to look at the SolarWinds incident and think that their small size might keep them safe from greedy hackers. According to a recent article in Commercial Integrator, ”the reality is, this kind of cascading impact is not always caused through sophisticated attacks as seen with SolarWinds. There are much simpler examples, one of which is the constant occurrence of business email compromise.” Often, employees use weak passwords without multi-factor authentication and cyber criminals can breach user accounts and launch phishing campaigns from a legitimate email account to an entire internal contact list. Unaware of a breach, employees are often fooled into changing invoice payments, bank account numbers or sending sensitive information.
SOURCE Sharp Electronics