The SolarWinds hack we wrote about last week sent shock waves through the highest levels of the federal government. Experts say the SolarWinds hack is potentially the largest spying operation against the U.S. in history — and it ran without being noticed for nine months. The attack also hit government agencies and organizations globally, although so far the most damage appears to be in the U.S.
The SolarWinds Orion platform is used by thousands of organizations, including IT security consultants, to monitor and manage IT infrastructure. We know it affected big government agencies and several other large organizations, although it may not have affected your organization directly, or affected it yet. Most expect the scope of the damage to grow as the investigation continues.
All organizations, large and small, should be on hyper alert to tighten information security now.
A New Era for Cyber Security
It was more threatening than the typical cyberattack, even more damaging than medical identity theft through ransomware that we’ve written about frequently. Cyber security experts are calling it a strategic espionage operation, where the spies set up residence on servers and networks, watching, reading and listening to emails, files, other correspondence, and massive amounts of sensitive information.
Microsoft at first said that none of its products or cloud services were affected by the SolarWinds attack, but six days ago it revised its statement to describe potential intrusions into its cloud services and provided guidance to defend against security breaches.
Microsoft’s President, Brad Smith, wrote a blog post on December 17 describing the scope and depth of these new forms of nation-state hacking: “A moment of reckoning: the need for a strong and global cybersecurity response.” The blog post outlines how cybersecurity has evolved in the past year, with more sophisticated and merciless attackers, and how the pandemic fueled attacks on healthcare organizations globally.
President-elect Joe Biden spoke about the attack on Tuesday, December 22, 2020. He said that the U.S. will probably “respond in kind” to the attack as the investigation reveals more, and he noted that Russia is the likely source, according to the current Secretary of State, Mike Pompeo, and Attorney General William Barr.
HIPAA Compliance Strengthens Security
One might have hoped that a pandemic that cut short millions of lives might at least have received a pass from the world’s cyberattacks. But that was not the case. After a brief lull in March, cyberattackers took aim at hospitals and public health authorities, from local governments to the World Health Organization (WHO). As humanity raced to develop vaccines, Microsoft security teams detected three nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for Covid-19.
The best practice for every organization, whether or not directly affected by the SolarWinds breach, is to look for and immediately install security updates for all software. The SolarWinds attack was subtle and far-reaching, and is likely ongoing. We expect to see a big wave of security updates issued by software providers following the SolarWinds breach in the weeks and months ahead.
Tech Solutions Need People to Work
HIPAA risk management is a blueprint to defend against cybercrime. For example, all organizations should have firewalls and malicious software protection installed and updated, in addition to installing all software updates immediately. However, strong security software is not enough. The weakest link and first line of defense against hackers is your workforce. Now is the time to emphasize training for the workforce to recognize, avoid and report phishing attacks that arrive by email, text message or phone.
HIPAA training to raise awareness will include cyber security training and create a culture of compliance. Basics like password protections, access management, and knowing who to call if a problem or a question arises are critical to empowering the workforce to keep data safe.
Although the challenges are daunting, we are not powerless in the fight against cyber crime. Everyone needs to do their part. Become more aware, take it seriously, spread the word, train the staff, and ask for help if you need it.