Get a Demo
Get a Demo
Get Started Free
Get Started Free
Get a Demo
Get a Demo
Get Started Free
Get Started Free
FoxTech Cyber
Vulnerable to a SolarWinds-style attack?

Vulnerable to a SolarWinds-style attack?

Security_Camera

Are you vulnerable to Solarwinds-style Attack?

Can I still be hacked if I have all my security in place?

Supply chain security is at the forefront of cybersecurity discussions following the SolarWinds hack in 2020, affecting users of their SolarWinds Orion product globally – including nine US federal agencies.  

The attackers believed to be a Russian state-sponsored hacking group, gained access to SolarWinds’ software development system and injected malicious code into the company’s Orion platform, a widely used network monitoring and management software. This allowed the attackers to infiltrate the networks of SolarWinds’ customers who had installed the software, granting them access to sensitive data and potentially compromising national security.

Microsoft resellers are a target

In another incident related to the SolarWinds hack, CrowdStrike successfully fended off an attack attempt by the hackers. In this case, a reseller’s Azure account was used for managing CrowdStrike’s Microsoft Office licenses, and the hackers attempted to read the company’s email, but their attempt was unsuccessful. 

Microsoft clarified that if a customer buys a cloud service from a reseller and allows the reseller to retain administrative access, then a compromise of reseller credentials would grant access to the customer’s tenant. The company emphasized that this abuse of access would not be a compromise of Microsoft’s services themselves. 

Taking Action

These incidents underscore the need for companies to prioritize supply chain security and take proactive measures to assess and monitor the cybersecurity of their suppliers and partners. As the SolarWinds hack and its aftermath demonstrate, even a seemingly minor vulnerability in a supplier’s network can have far-reaching consequences for businesses and the broader economy.

By implementing robust security controls and limiting supplier access to the minimum required, businesses can reduce their exposure to cyber threats and ensure the resilience of their operations in the face of growing security risks. 

FoxTech’s Security Operations Centre can monitor the actions of your suppliers in your systems, and our security configuration advice helps you protect your systems for the least cost and maximum impact. 

References

  • crn.com Dec 2020 – Crowdstrike fends off attack attempted by SolarWinds hacker 
  • Infosecurity Magazine Feb 2021
Picture of ernesto.garcia

ernesto.garcia

Ernesto excels in nurturing channel partner relationships across EMEA, DACH, and LATAM, prioritising their success as integral to his own achievements. With extensive experience at companies like VMware, Egnyte, and Refractiv, coupled with a deep understanding of the MSP market, he is committed to supporting partners comprehensively.
Products
Resources
Get Started
Linkedin
© 2024 Foxtrot Technologies, England, UK. All rights reserved | Privacy Policy | T&Cs | Cookie Policy