1. SolarWinds And The Biggest Security Breach Of 2020

In a year characterized by a massive pandemic and a huge ransomware blitz, the last thing anyone needed in 2020 was a security hack via a commonly used networking monitoring tool. Yet that’s what 2020 brought to users of SolarWinds’ Orion networking monitoring technology, including tech giants, internet service providers, IT solution providers, federal agencies, and county governments. Hackers, likely from Russia, sometime during the year quietly hacked SolarWinds Orion to insert malicious code into legitimate software updates for the Orion software that allow an attacker remote access into the victim’s environment while blending into normal network activity and maintained a light malware footprint to help avoid detection. The attacks were very sophisticated, with attackers able to use Orion to breach other systems, including Microsoft and Azure.

Several solution providers, including Deloitte, Stratus Networks, ITPS and Netdecisions, were breached via SolarWinds and then specifically targeted by the hackers for additional internal compromise, according to cybersecurity consultancy Trusec.

The IT industry, and the channel, has not heard the last of the impacts of the SolarWinds breach.