The SolarWinds hacking case in 2020 shone a spotlight on how vulnerable a business can be to cybercrime. The hack was unprecedented in its audacity and scope, and its full extent is still coming to light. But already, we know that it affected thousands of organisations around the world, including large corporations and governments. The case almost makes it seem as if a small business has no chance against hackers. But dig a little into the details, and nothing could be further from the truth.
Microsoft, Google, and Intel were among those hacked. Ironically, it was their network management software that played a key role in the whole affair. It all started with two simple human errors.
Mistake one – Human error: Clerical slip
Programmers at Microsoft, Google, and Intel write software code and save it on a platform called GitHub. Their work was compromised because one of the team members mistakenly marked the work ‘public’ instead of ‘private’. The team member was an IT professional, not a computer novice.
Mistake two – Human error: Weak password
Once hackers got into GitHub, they snooped around and identified usernames and passwords. Amazingly, they discovered that the password used to unlock one of the GitHub servers – the so-called SolarWinds server – was SolarWinds123. This pathetically weak password was set up by a programmer – an intern programmer but, again, an IT professional.
Malicious software ‘Sunburst’
With that SolarWinds123 password, the hackers set about doing their nasty stuff. They developed malicious software called Sunburst and placed it in updates produced by Microsoft, Google, and Intel for their network management software. Those hacks went undetected for many months. Once those updates were released with the Sunburst virus, the customers who downloaded the patch were infected. Once infected, the customers were at the mercy of the hackers.
Conclusion
The biggest shock from SolarWinds is how easy it was for hackers. Despite all the technology and resources possessed by the corporations and governments that were hacked, the attack started with two simple human errors.
If you are concerned about the vulnerability of your business, Rapid Support can help. Our IT managed services include comprehensive cybersecurity support, spanning technology and people. We provide cybersecurity monitoring, virus removal and incident response. We can also help you train your existing employees and hire cybersecurity professionals.