A prominent story in The New York Times last week set a compelling stage: “Did one guy just stop a huge cyberattack?”
The article dove into the details of Andres Freund, a 38-year-old software engineer at Microsoft. Freund recently stumbled upon a secret backdoor embedded in Linux, the open-source operating system that runs most global servers used by government, finance, and healthcare organizations.
Like most versions of popular open-source software, Linux receives regular updates from coders and developers, who fix vulnerabilities whenever they encounter them. But when Freund encountered an unusual line of code, he realized it was something bigger—possibly even the kind of hidden “master key” that could allow hackers to hijack hundreds of millions of systems and execute a major cyberattack.
The New York Times extends the metaphor beautifully:
“In the cybersecurity world, a database engineer inadvertently finding a backdoor in a core Linux feature is a little like a bakery worker who smells a freshly baked loaf of bread, senses something is off and correctly deduces that someone has tampered with the entire global yeast supply. It’s the kind of intuition that requires years of experience and obsessive attention to detail, plus a healthy dose of luck.”
As Freund did more research, he kept finding more evidence of a serious issue. So he distributed his information to a group of open-source software developers, who quickly fixed the problem and gave Freund credit for preventing what “could have been the most widespread and effective backdoor ever planted in any software product,” according to cybersecurity experts interviewed for the article.
It was a major publicity win for Microsoft, which has struggled lately. The New York Times recently sued Microsoft and OpenAI over claims of copyright infringement involving artificial intelligence systems that generate text. And the same week as the news about the intrepid coder saving the day, the Department of Homeland Security’s Cyber Safety Review Board faulted Microsoft for “shoddy cybersecurity practices, lax corporate culture, and a deliberate lack of transparency” related to a targeted Chinese hack last year that infiltrated the Microsoft Exchange Online mailboxes of 22 organizations and more than 500 individuals around the world, including leading U.S. government officials.
What does all this mean for the everyday business?
The Linux vulnerability and the Chinese hack were both incredibly sophisticated, with U.S. intelligence agencies saying that last year’s breach was carried out at the behest of the Ministry of State Security (MSS), Beijing’s elite spy service. The exact source of the Linux backdoor is still undetermined, though researchers think that only Russia or China—countries with thriving digital crime groups that employ hackers with formidable chops—could have pulled it off.
But there are still lessons to be learned for everyday businesses across North America. CMIT Solutions has compiled a few in the list below:
- Work with a managed services provider you can trust. Most companies don’t have a savvy, world-saving coder like Andres Freund on staff. But that kind of expertise can still benefit your business—if you find an IT provider like CMIT Solutions that you can trust. The effort is worthwhile—and the investment can generate a solid return—since reliable technology support can keep systems running, maintain day-to-day operations, protect business data, and empower your employees to remain productive.
- Secure every device and account with comprehensive cybersecurity protection. Part of Microsoft’s struggle with the aforementioned Chinese hack is the fact that they still haven’t determined its source. But research points to two potential threat vectors: an engineer hired in 2020 was allowed to use a compromised personal laptop for nearly a year, while an old employee’s single sign-on key was never deactivated—even though they stopped working for the company in 2016. That’s why comprehensive cybersecurity protection for every machine and every login is so important.
- Identify other areas of immediate need. If you’re not backing up your data regularly (or your backup drive lives next to your computer), this critical need should be addressed first. Data loss can be devastating for a business, and many of the biggest cybersecurity issues like malware and ransomware can be avoided with reliable, remote backups to ensure business continuity and stability of all devices.
- Don’t overlook compliance. Regulatory satisfaction is another big issue that many companies aren’t aware of. Maybe your healthcare or finance business is subject to HIPAA or FINRA regulations. Maybe you do business in Canada and have to meet PIPEDA requirements. Or maybe you live in one of the 10+ U.S. states that have recently enacted more stringent data protection and privacy laws for all companies, no matter the industry. In a world where one mistake can lead to serious civil or criminal penalties, CMIT Solutions can help you comply with any and all requirements.
- Weigh the benefit of 24/7 monitoring. Not every business needs around-the-clock protection—but every company deserves proactive, preventative maintenance. Reliable IT providers should offer a national help desk and network operations center staffed by knowledgeable technicians. And in the event of an off-hours or weekend emergency, these resources should be available to solve any problem promptly. CMIT Solutions has relied on this kind of proactive approach for the last 25 years, working whenever necessary to spot current problems and anticipate future threats long before they impact your business.
- Find the right solutions that fit your budget and meet your needs. Proactive IT services provide better long-term value than reactive or break/fix services. But that doesn’t mean you should break the budget paying for them. Your IT provider should understand your pragmatic financial constraints and help you identify an appropriate course of action that solves short-term problems with a solution you can afford. For a fixed monthly cost, CMIT Solutions provides cybersecurity protection against ransomware infections and data breaches like those outlined above. We can also implement responsive firewalls, antivirus software, traffic analysis, remote maintenance, and other multi-layered solutions.
- Deliver cybersecurity education and awareness to your employees. Some data breaches and viruses can only be spotted by advanced IT tools. But some can be prevented by everyday employees—especially if they understand common cybersecurity threats and data privacy concerns before an incident occurs. Instead of treating education and training as a frustrating requirement, CMIT Solutions’ clients often appreciate the transformative effect it can have on a staff’s overall attitude toward technology. When employees are more invested in cybersecurity, you get a strong first line of defense protecting your company against common threats like phishing and ransomware.
Compared to the enormous cost inflicted by a data breach or software vulnerability, proactive IT services are far cheaper. Good IT support can empower your employees to work smarter every day while setting your business up for long-term success. Every company deserves that kind of enterprise-level support and competitive advantage.
If you’re ready to work with IT experts who care about your business and can mitigate the most significant risks, CMIT Solutions is ready to connect. We have more than 250 offices and 800 technicians across North America, all providing thousands of clients with cutting-edge cybersecurity protection.
Don’t waste another minute worrying about high-profile hacks or trying to navigate the complex IT landscape alone. Contact CMIT Solutions today to talk to a trusted IT expert for guidance you can count on.