The SolarWinds cyberattack on the federal government and American businesses last year incentivized hackers worldwide to go bigger and bolder in multiple major ransomware attacks in the past few months.
Despite cyberattacks being a common problem in the past decade, the SolarWinds hack and the vulnerabilities created by the pandemic have given hackers added confidence to orchestrate devastating attacks on federal government computer systems, the Colonial Pipeline, and the meat producer JBS, according to Brian Horton, CEO of Breadcrumb Cybersecurity, a cybersecurity firm in California.
“When we found out about the SolarWinds attack in December 2020, and all the big three-letter government agencies were affected, we knew 2021 would be a big year for ransomware, that there would be repercussions of the hackers succeeding last year,” said Horton.
Despite the SolarWinds attack by Russian hackers taking place over the course of almost nine months and affecting roughly 18,000 entities — including critical government agencies like the Justice Department, the State Department, and the Treasury — it didn’t affect the average consumer in the same fashion as recent, smaller ransomware attacks have, Horton said.
The attacks on the Colonial Pipeline and the JBS meat company brought mainstream awareness to the need for increased cybersecurity protections.
The cyberattack occurred because SolarWinds, an IT company that runs network management systems for thousands of clients, was infiltrated through the company’s Orion software updates distributing malware to its customers’ computers.
“When a software meant to help protect computers gets compromised, and hackers sit in your system for months and evade even the most premier cybersecurity firms in the world, that creates the perfect storm for them to calculate, plan, and prepare more campaigns,” Horton said.
Horton said when a cyberattack successfully occurs on the scale of SolarWinds, history suggests hackers are emboldened to come back for more money, valuable data, and fame.
“The SolarWinds hackers’ tactics and techniques worked so remarkably well last year that there was an incentive for them and others like them to keep going,” he added.
Furthermore, when one organization’s data is stolen by a hacker, then all of the clients, customers, and employees of that entity get compromised, creating a “spider web” effect, Horton said, affecting thousands of more victims than just the initial company under attack.