IT Blog

security

SolarWinds and Ubiquiti cyber-attack: How worried should you be?

High-security alert buzzed the cybersecurity team world-wide after the widespread of SolarWinds and Ubiquiti cyber-attack incident. What should be the next step for the defenders?

The SolarWinds attack, also known as SUNBURST attack, appears to be one of the sophisticated attacks on the US history that occurred on the mid of December 2020. But before the matter escalated, another high-end IT service provider Ubiquiti messed onto the subject of cyber threat on 2021, January.  

 So, how can the SME business assume that they are away from the reach of cyber-attack? We shall go through the cyber-attack consequences and causes faced by SolarWinds and Ubiquiti, followed by the tips to protect your SME business from cyberthreat.  

What triggered the Sunburst threat?

Though the full scape of the threat is still yet not known the incident has been linked to the Russian government hackers, APT29, who appears to be the one behind the most elusive espionage campaigns leveraging the supply chain. The invaders to carry out the cyber breach campaign charged in the software created by SolarWinds, which was primarily used by the companies for asset discovery, system performance, and resilience.  

The assailants appeared to have inserted malicious code to the trusted code without any knowledge. The intruders raided the versions of Orion Platform Software, 2019.4 HF5 released between March-June 2020 to destroy the software highly used by the US defense sector and Microsoft. The software company is still unknown on how the hackers got hold of the backdoor code. Through this sudden intervention, Microsoft Corps too got infected with the malware where the Microsoft precipitated the updates through its enterprise network management software.  

As no definite data was obtained by the software agency, SEC documents released a rough data on December 14, 2020, which highlighted nearly 18,000 to 33,000 Orion customers had downloaded the updates containing default. Adding clear insight on the threat, Kim Peretti, a former prosecutor at the US Department of Justice (DoJ), described the attack as,  

We are at the initial stage of understanding the impact of the attack. The result may remain unknown for many months. It was perfect timing for the malicious updates with the onset of Covid-19 restrictions. “ 

What caused high alert on Ubiquiti?

After figuring out the breach, the Internet of things and Wi-Fi vendor notified the customers to change their passwords and include the use of multifactor authentication. With no concreate evidence of data breach in any database, the tech merchant assumed that the data could have got accessed through email address, name, and user passwords.  

With the possibilities of access in IoT device and system, the cybercriminals could have possibly taken hold of malicious actions including, logging in IoT devices, and using them for DDoS attack, brute force attacks and for real world crimes.  

Ubiquiti’s response on the cyber threat matter turned out to be a mixed one as the respondent did not provide much of ‘what is good password’ or advice using a password manager to increase the security access.  

Third party risk: hard to assess but not impossible

Unfortunately, Ubiquiti and SolarWinds’ security teams’ highlighted the situation as lack of control over the organisational security, and failure to prepare attention detail.

Business for the preparation often perform due diligence on financial viability and cyber-attack. Regular assessment or monitoring of all the suppliers and partners holding cyber security practices are jointly performed on a common platform. While a robust cyber security program are developed to minimise the risk of threat consequences in alliance with third party.

The continued attacks have amplified every enterprise’s need, including SMEs to blend in risk management practices. For an entity with fewer resources, it is easy to become victim of cyber threat circumstances. It is easy to take the services from the third parties, assign them the work of a thorough security audit, and only keep track of the network management and data protection.

Although technology has simplified the workload, it has also escalated the problem with digital transformation. Most vendors try their best to report what they identify about their networks, enterprise partner, knowledge gaps, primitive infrastructure, and shortfalls in the monitoring abilities. 

The whole assessment process can be achieved through multiple techniques including self-assessment, external scanning, threat feed monitoring and more.  

Is your company prepared for the cyber-attack?

After the SolarWinds and Ubiquiti, it has become a necessity for every SME to get prepared for the storm. Over the last year, 34 per cent of the consumers had their personal information adjusted.

Today, you might think that your business is too small to venture in the threat and embezzle the confidential data that you believe to be not so valuable, but that is not the case. Every year enterprises incline their business to digital space with a simple login and password. The practice widens more with the inclusion of confidential customer information such as banking and credit card information which becomes lucrative for theft schemes.

Here are four best cyber security practices which keep your business prepared for cyber threats. 

 

Conduct a cyber security audit

If you are willing to improve your SMEs’ cyber security, the first step is to assess. Conducting a security audit is the primary step to developing and enhancing resilience in a data breach. 

Using a firewall

Selecting the best firewall software for your enterprise is a must. The first step is to secure the network by running firewall software. Consulting your cyber security professionals would help your business select the best firewalls, which can patch vulnerabilities and discovered attacks.  

Reviewing security procedures

Most of the attacks flow in from the existing IT system of your business. Old login information that was never cleaned can spread quickly among the devices in the digital landscape. It takes aid from cybersecurity professionals to develop and build a business process to provide prompt service for reviewing security procedures.  

Considering Managed IT services.

Keeping your business security on the top level can be a full-time job for you, especially when you are an entrepreneur. Managed IT services can offer you a helping hand with 24/7 network monitoring, IT support, device updates and more. The service of MSP allows your growth and scalability with security.

How can you prepare your business to defend cyber-attack TODAY?

Keeping for business prepared for every threat is a must. So, you can eventually carryout the following task such as, 

  • Conduct a security audit for improvisation.  
  • Outsource certified professionals to train your employees for on boarding and best practices.  
  • Patch firewall and devices to strengthen your network security. 
  • Consider using the service of Managed IT service for the heavy lifting.  
  • Developing strategies and succession plans during the event of the breach with the practice of execution.  

 

BOOK YOUR FREE IT CONSULTATION & IT AUDITING NOW

Is advising the customers to rotate their passwords a possible means to reduce the cyber threat? Or is this a poor practice escalating further data breach? Let us discuss beyond to understand the best measures of cyber security for your SME business right AWAY!  

Leave a Reply

Your email address will not be published. Required fields are marked *