Nation State Cyberattacks
When you think of cyberattacks, what do you picture? Your thoughts may turn to a single tech-savvy person in a dark room. Or perhaps a small group of criminals working together to dupe an unsuspecting target. While these scenarios may be true, cyberattacks are growing in size and sophistication, and the recent SolarWinds hack is proof.
What Happened to SolarWinds
Let’s cover the basics of the hack: SolarWinds is a software company that provides a range of IT services to large organizations, including multiple U.S. government entities and private companies. Once hackers compromised SolarWinds, they were also able to compromise the networks of SolarWinds’ clients through malware-infested patches and updates, a technique known as a supply chain attack. In a supply chain attack, the hacker hits an organization at the beginning of the supply chain and compromises all downstream entities at the same time. The attack continued undetected for months until FireEye, a private company and SolarWinds customer, discovered the breach.
Over the past few months, more details have come out about the attack. SolarWinds told the SEC that 18,000 customers installed the malicious updates. Last week, the U.S. identified Russia’s Foreign Intelligence Service as the culprit. The U.S. levied sanctions against Russia that included the expulsion of 10 personnel from the Russian embassies and other actions that would “remain unseen.”
The Future of Cyberattacks
To be clear, nations have used cyberattacks to spy on or steal information from other nations in the past, but the SolarWinds attack is likely the biggest the U.S. has experienced. As countries operate in the online space, the lines blur between government and private entities. In this case, SolarWinds had both as customers, and therefore both were affected by the hack.
As nation states hack entities like banks and power plants, private citizens get caught in the crossfire. For example, in 2019, North Korean hackers infiltrated the Bank of Chile’s ATM network and stole $10 million. A 2016 attack on Ukraine left Kyiv without electricity for an hour.
The bottom line is it’s more important than ever to be cyber aware. That means using your phishing recognition skills when checking work and personal email, texts, and social media messages, monitoring your important accounts regularly, and investigating apps and services before downloading them.