Nearly one year ago, SolarWinds — a major U.S. information technology firm — was the subject of a cyberattack that spread to its clients and went undetected for months. Along with the theft of user credentials, attackers installed malware to spy on multiple federal agencies and Fortune 500 companies.
Federal investigators and cybersecurity experts suspect that Russia‘s Foreign Intelligence Service, known as the SVR, is probably responsible for the attack. As the SolarWinds breach continues to unravel a year later, the true extent of the attack is still unknown.
The actors that were behind the attack are constantly evolving and targeting U.S. government agencies and businesses. To avoid becoming the next major breach, remember these cybersecurity best practices:
n Change your passwords if you suspect they have been compromised or leaked.
n Never share passwords with others.
n Store passwords in a secure location.
n Keep your software updated.
n Never use unapproved applications or software on any USPS device.
n As always, watch out for phishing emails.
To learn more about the SolarWinds breach, visit businessinsider.com/solarwinds-hack-explained-government-agencies-cyber-security-2020-12.
— Corporate Information Security Office,
Chief Information Security Officer
and Digital Solutions, 1-13-22
