14 Dec 2020

We wrote last week about the irony of FireEye being successfully infiltrated by hackers, and we cut them some slack because we realized that the attack was highly sophisticated… FireEye is a $3.5 billion cyber security firm that has some big and important clients, like the US government, and though Russia is saying that the mainstream media is lying about Russia’s involvement (*insert eye roll here*), it appears pretty likely that this was a concentrated attack, spearheaded by Cozy Bear, a Russian Federal Security Service (FSB) hacking group.

It appears that the clients of FireEye, including the US Government, have also been successfully infiltrated. Confirmations of attacks started to roll out yesterday, the same day that FireEye released a statement saying that the attackers had infected their victims by taking control of the update mechanism for Orion, a popular software app from SolarWinds, and exploiting it to install a backdoor that FireEye researchers have dubbed “Sunburst.”

Unfortunately, this has impacted more than just US government agencies and businesses; other victims include government, consulting, and other tech-savvy businesses in North America, Europe, Asia, and the Middle East, though it’s believed that this is just the start. FireEye has already notified every organization it has found so far that was successfully breached in this attack.

How it Happened

According to a Microsoft post about the attack, after using the Orion update vulnerability to access their victims’ networks, the hackers began to burgle select signing certificates, which allowed them to mimic not only their marks’ existing users but their accounts as well… including the “highly privileged” accounts.

What’s really unsettling is that FireEye stated in a post of their own that a multitude of businesses may have been infected since around the beginning of stay-at-home orders. Additionally, these are not “set it and forget it” attacks; each attack was carefully planned and executed and required manual manipulations.

SolarWinds, for their part, have acknowledged that products released both in March and June of this year were likely weaponized by a nation-state.

For as many answers as we have, there are still at least that many questions.  We will continue to write about this massive breach as more information becomes available.
