Hackers target global IT supply chain

Published: Oct. 27, 2021 at 6:17 PM EDT
Email This Link
Share on Pinterest
Share on LinkedIn

HARRISONBURG, Va. (WHSV) - A group of Russian hackers has targeted a global IT supply chain by going after service providers that customize and manage cloud services and other technologies on behalf of their customers.

So far, Microsoft has identified 140 service providers and resellers that have been affected.

The hackers are looking for weaknesses with these IT service providers to gain access to their customers’ network.

Cyber security experts say the software that most people are using are fairly secure, but those vulnerabilities come from human behavior.

“Things like using weak passwords, which ended up being a source of the attack in SolarWinds in 2020. Things like poor patching and update practices,” Alex Stein, founder of BlueTec LLC, said.

He adds it’s important to make sure you are regularly updating your computer, servers and networks because those updates usually come with fixes to possible vulnerabilities in the system.

You should also be sure to use two-factor authentication for all of your accounts.

“If everyone along the way from the software manufacturer to the service provider to the end customer implements good hygiene, good cyber hygiene, and practices, then they can reasonably expect to be secure,” Stein said.

Be cautious when getting an email or text when a link is in it.

“Always make sure you verify who is sending you that link or attachment before you click on anything,” Stein said.

Copyright 2021 WHSV. All rights reserved.