The SolarWinds Hackers are Back and Manufacturing is on Alert
In a year of big headlines, one of the major stories of 2020 was the discovery of a large-scale hack affecting a huge intersection of private sector companies and government organizations. Dubbed the ‘SolarWinds Attack’ after the compromised software that enabled it, this cybersecurity incident is one of the most far-reaching ever documented.
Now, the hackers who orchestrated it are back, and this time, their efforts are less clandestine. They’re not the only threat either. With cybercriminals emboldened by the original SolarWinds attack, cybercrime has boomed over the last 12 months — putting the manufacturing industry in clear and present danger.
A recap of the original SolarWinds hack
In early 2020, cybersecurity firm FireEye discovered hackers had managed to inject a computer virus into SolarWinds’ software by disguising it as a standard update. The virus infected any organization using the company’s network infrastructure tools, including numerous Fortune 500 companies, the U.S. Treasury Department, and the U.S. Department of Commerce’s National Telecommunications and Information Administration. Even the U.S. Department of Homeland Security was affected.
The most worrisome detail about the SolarWinds attack is that it went unnoticed for months, allowing perpetrators unrestricted access to valuable data. It also revealed the existence of extremely sophisticated cybercriminals, capable of breaching even the most secure systems.
A second, noisier attack
Despite a complete remediation of the malicious SolarWinds code, the original Russian hackers who planted it were not deterred. In a recent, less-sophisticated second attack, the same hackers targeted another 150 organizations — most of them U.S. and foreign government agencies or think tanks — with a spear-phishing assault. They sent emails posing as a marketing company with malware links embedded for unsuspecting victims to click.
Spear-phishing is a run-of-the-mill, low-stealth practice. It’s a strong departure from the relative brilliance of the original SolarWinds attack. This bold new approach has raised eyebrows within the cybersecurity community and left some wondering if the latest attack was just a distraction. Some have speculated that the spear-phishing assault was merely a probe, and there’s a bigger, more sophisticated attack coming.
Manufacturing in the sights
Both attacks orchestrated by the SolarWinds hackers targeted government agencies and affiliated companies. But many now believe manufacturers are next. A rising trend in cybercrime involves holding a company’s data for ransom. During these ransomware attacks, hackers encrypt a company’s data and refuse to decrypt it until the victim pays a ransom.
Speculation about an impending attack on manufacturing comes from a recent uptick in ransomware incidents among manufacturers. In March 2021, beverage manufacturer Molson Coors suffered a massive cyberattack that brought down its systems for several days. Just last month, JBS — a giant in the meat processing industry — faced its own ransomware attack.
Hackers are emboldened by “success stories” like these, which may prompt cybercriminals to target more manufacturing companies in the future.
Manufacturers need constant vigilance
Recent cyberattacks illustrate the importance of cybersecurity not only in practice, but as a fundamental part of a company’s digital infrastructure. Cybercriminals are growing more capable of major disruption. SolarWinds showed that even the most secure software isn’t immune to exploitation. Manufacturers need to stay on the cutting edge of cybersecurity best practices. A proactive emphasis on cybersecurity keeps public and private sector organizations out of hackers’ crosshairs.