KERN COUNTY, Calif. — “It has the ability to attack thousands of corporations all at once, so it’s very powerful," said UCLA Samueli School of Engineering professor Carey Nachenberg, describing a fictional cyberattack in his book “The Florentine Deception.”
But it’s eerily similar to the very real hack the United States saw last week.
“It appears that attackers broke into SolarWinds and added a backdoor to their software, their products," said Nachenberg.
SolarWinds makes software that companies and government agencies use to monitor their computer networks. Nachenberg said hackers found a way into those software back in March.
“The attackers have actually had about nine months to rummage around in these victim corporations and government agencies, to spy on them and potentially cause other harm," said Nachenberg.
The cyberattack is currently being investigated. President Trump said China could be responsible while Secretary of State Mike Pompeo blames Russia.
Either way, what does it all mean for you?
“Everyone should know this because somewhere down the chain of your organization or someone else you work with may use SolarWinds," said California Cybersecurity Institute advisor Henry Danielson.
Danielson said your workplace could be a SolarWinds customer.
This means it might be one of the companies now working with SolarWinds to ensure the hackers don’t take over their network.
Doing so can take up time that is especially valuable during the pandemic and the holiday season.
“A small to medium business could have a detrimental stop. They need [to] unplug things. It could stop their production. It could stop their day-to0day business operations," said Danielson.
Not every SolarWinds customer is at risk. Danielson said companies who specifically use Solarwinds’ Orion software are vulnerable to this hack.
The company sent an email to those affected, but Danielson said says everyone should still check their networks and use this cyberattack as a lesson.
“People really need to take heed and take a look at their networks, and have alert systems and other things, and really be monitoring them on a daily basis," he said.
Danielson said businesses should connect with SolarWinds for further instruction in handling this cyberattack and preventing future ones.
