There was a huge security incident recently that is more than likely flying under your radar: SolarWinds, a large cybersecurity and software company that develops tools used by the majority of companies on the Fortune 500 as well as almost all government agencies has discovered that they were infiltrated by threat actors, with the intrusions going as far back as September of 2019. These actors used sophisticated techniques to infiltrate SolarWinds and leveraged that access to distribute infected versions of Orion, one of their most popular network management tools, which is used by at least 10 federal agencies including the Department of the Treasury, the Department of Labor, the State Department, the Department of Homeland Security, and more. Considering the stature of those organizations affected and with the long term nature of the compromise, this is one of the worst and most concerning breaches in U.S. history.
Of course, it may not seem that way if you are not a Fortune 500 company, or a federal agency, but it's the truth. The fact that a single software vendor was servicing so many huge clients -- and that their centralized infrastructure as compromised -- is a foreboding story for all of us who participate in the digital ecosystem. If a vendor like Microsoft for example was breached in a similar manor to SolarWinds, then it could compromise software like Outlook, Excel, or Word.. which are programs used by small businesses, enterprises, schools, and individuals all over the world. It could also compromise updates that are sent to Windows, for example, which could be used to send malware to millions of PCs.
This incident, like all other breaches, just highlights the importance of security best practices on all facets of the supply chain, from vendor to user. The SolarWinds won't impact your business directly, and FrameWork works hard to keep you safe. This is just something to keep an eye on! If you want to learn more, check out this article from KrebsOnSecurity.