“2020 was the year in which the world was gripped by a global pandemic.” Rightfully, this was the top story of nearly all news and media reports. Buried underneath the stories and numbers of a physical pandemic, were the reports of a digital pandemic. The correlation between these two types of pandemics is easy to see in hindsight; a global workforce leaving their office, and the cybersecurity it had provided, to work from home on their own devices and with their own cybersecurity, (or lack thereof). On a consumer level, there has been a 51% increase in global cyberattacks since 2019, and 2020 became ‘the worst year on record’ for data breaches. This dramatic increase in attacks, while remarkable, was not unforeseen in the cybersecurity world at the start of the pandemic. When the first waves of office workers made their initial exodus to turn their homes into impromptu offices, experts and leaders in the cybersecurity industry warned of the dangers of working from home without appropriate cybersecurity. They warned that the “bring-your-own-device” approach many companies were taking would make working from home dangerous without the correct in-house security one would expect to find in any business.
The digital breaches experienced during the transition of employees to working from home was not the biggest cybersecurity news of the year, however. In recent days, it has come to light that the US government has witnessed its single biggest cyberattack in history, with many of the details yet to unfold. The attack, which was carried out by state-sponsored hackers, is believed to have started as far back as March, but was only detected a week ago. It is now known that in March, the hackers breached and gained access to SolarWinds, a Texas-based IT and network management company. SolarWinds provides a number of tools, one of which is the Orion network monitoring tool. Orion is used by many companies including Deloitte, Intel, Nvidia, VMware and also a number of governments, chiefly the US and UK governments. Orion, once breached by the hackers, gave them a back door to every users’ network.
The reality of the attack only became noticeable when earlier in December when FireEye, a company that provides cybersecurity to the US government, identified an attack on its own systems. The attack used the aforementioned Orion, and after FireEye investigated the cause of the attack, they alerted authorities about the breach. FireEye uses a number of tools to carry out fake attacks on their customers which they then use to test the defense of a system. In the attack on FireEye, these testing tools were stolen by the hackers; highlighting just how dangerous and far-reaching the Orion breach could be.
It is difficult to say exactly how destructive an attack like this is. As of now, many US government organizations have been breached: the state department, the treasury department, homeland security, the Los Alamos and Sandia National Laboratories (where nuclear weapons are developed), the National Nuclear Security Administration, the National Institutes of Health, and many more which are being revealed hourly and daily. Tom Bossert, the former homeland security advisor, said this week in a New York Time op-ed, that “the magnitude of this ongoing attack is hard to overstate, and demands a swift, decisive response in which all elements of national power must be placed on the table.”
The last 12 months have made it abundantly clear that cybersecurity should be the number one priority during personal and corporate internet use, and the last week has made it equally clear that not all cybersecurity tools are created equally. Over the past several years the US has invested billions of dollars in Einstein, a system designed to detect digital intrusions. But because the SolarWinds hack was what is known as a “supply chain” attack, in which Russia compromised a trusted tool rather than using known malware to break in, Einstein failed spectacularly. The government cannot say it wasn’t warned! A 2018 report from the Government Accountability Office recommended that agencies — and federal defense systems more broadly — take the supply chain threat more seriously. It is vital that the tools that you and your business use are sophisticated enough to detect the threats supply chain attacks present.
SaferNet is the perfect solution to the cybersecurity issues that individuals, families, and businesses face today. It not only connects every device using a secure, 24/7 always on, military grade VPN, but it also stops outside cyberthreats, malware and viruses as well. On SaferNet, all users are protected anywhere in the world, all the time, on any cellular or Wi-Fi network. In addition to SaferNet’s VPN and cyber protection, it also offers a range of employee or parental/family internet controls including internet filtering, monitoring, scheduling, and blocking access to websites or even entire website categories
Typically, a business or family would need 3 separate services for a VPN, Malware Protection, and Internet Controls; SaferNet offers all 3 features in one service. SaferNet truly is an endpoint security presence that can be implemented in minutes around the world, on phones, laptops, tablets, and computers at an economical price point that caters to all sizes of businesses and families. SaferNet guarantees a smooth setup and installation process that takes only minutes, and an easily accessible control hub for you to monitor all your employee’s or family members devices; including activity, time spent online, and threats blocked.