SolarWinds Hack, FireEye Breach: The Biggest Cyber Attack against the US government, likely to be a global cyberattack on MNCs like Google, Microsoft, etc.
What is a Cyber Attack?
Cyber security is like a game: one moment you think you are safe, and the next your private passwords may be broadcast openly on the Internet, and you soon realize that you have been hacked. To guard against that, there are companies that protect you from being hacked or advise you on how to secure your online presence in the right manner. So this is a game, right? One army is there to secure you, and another is there to hack you.
How does Cyber Security work?
Think of it like this: there are two kinds of people, which for this blog we call people X and people Y (known as the Red Team at FireEye). People X write code, install security patches, and put up a firewall so that no one can breach your system or online presence. People Y act like the bad guys, but in a suitably controlled environment: they attack their own software to check how secure it is. Sometimes automation and AI help with that through specific tools. These tools are very confidential, and if these tools or patches fell into the wrong hands, those of “Black Hat Hackers”, it would be a nightmare.
What is FireEye, Why FireEye breach?
FireEye is one of the biggest cyber security companies, based in Milpitas, California. On 8th December 2020, FireEye CEO Kevin Mandia said the attack is “different from the tens of thousands of incidents we have responded to throughout the years,” and also wrote that “The attackers tailored their world-class capabilities specifically to target and attack FireEye. They are highly trained in operational security and executed with discipline and focus. They operated clandestinely, using methods that counter security tools and forensic examination.”
Just think: one of the biggest cyber security firms in the world admitting “We were hacked”. This is known as the FireEye breach. It is a breathtaking thought, one that forces me to wonder whether I am the next one. What happened to FireEye is that the attackers breached the servers where FireEye kept its testing tools, meaning the people Y tools or Red Tools, and stole them. Yes, you heard it correctly. Even a very bad dream may not be like this.
Simply put, SolarWinds is a tool used by all of the Fortune 500 companies as their network monitoring tool. The SolarWinds tool is very powerful, and the entire Internet, which is connected like a web, can be monitored by SolarWinds. The clients of SolarWinds are very well known around the world: the Fortune 500 companies (Google, Microsoft, etc.), governments, the FBI, NASA. Almost every big name uses this tool to monitor all its networking services.
The hackers, having access to the people Y tools (the dangerous virtual tools, or Red Tools), somehow gained access to the server or the CDN from which SolarWinds issues new updates, and they inserted a malicious Dynamic Link Library into the security patch. So now the SolarWinds security patch acts as a vulnerability, and each client is affected by it.
The connection between the FireEye breach and the SolarWinds hack
Now note that the SolarWinds security patch is from March 2020, so it is possible that the hackers have had network-level access to all the big companies since March 2020. It feels like a nightmare, but it may be real, because all the events are connected precisely. FireEye supposed that the attackers are from Russia, but there is no proof. This is just 2020; you never know what will happen in 2021. The news is just out that the FireEye breach and the SolarWinds hack happened, but what will the attackers do next with the stolen tools? We don’t know.
You will never be safe on the Internet, but what you can do is try to be safe by using things from reliable sources and by giving even a little thought to how you use them; it is important to know how to use them. I have explained the 10 Best Security tips to be safe online in this blog. Try to be safe & Thanks for Reading.