They say it is the largest ever cyber hack.
Unless you are living under a rock or inside an Internet-disconnected cave, you’ve undoubtedly heard about the recent cyber-attack encompassing an estimated 18,000 or more U.S. companies and governmental agencies, including notables such as a preponderance of Fortune 500 businesses, most of the top accounting firms, many of the top telecommunications entities, and a wide swath of federal departments such as Homeland Security, Treasury, Commerce, and the military branches.
Some have referred to this sly cybersecurity breach as the most insidious and widespread in history (for my prior coverage about cyber-attacks, see the link here).
It is breathtaking in its scope and devilishly clever in its approach, and as a result, has caught many by utter surprise. On the one hand, it is not particularly a surprise that a massive scaled cyberattack has occurred since cyber protection experts have been warning about these possibilities for years on end. The surprise is that we didn’t know it was underway and that by size alone it presumably should have earlier been somehow detected. An itsy-bitsy cyber-attack might squeak through under the radar, while one that cuts across hundreds or thousands of organizations ought to have been sniffed out by either happenstance or by watchful oversight.
The real twist, some exhort, might be that this is only the tip of the iceberg. Perhaps there are other similar cyber-attacks already underway and we just haven’t ferreted those out as yet. Or new cyber breaches are being devised and for which when they are unleashed will be beyond breathtaking and veer into the full borne calamity and cyber catastrophic sphere.
In brief, here’s how the recent cyber trickery worked.
A tech company called SolarWinds provides networking-related software that is immensely popular and used by thousands upon thousands of companies and governmental agencies. The networking software in this case is known as Orion. To update the Orion software from time-to-time, SolarWinds pushes out various patches that are sent electronically, which then automatically get…