Massive Cyberattack Is Reminder For Publishers To Guard First-Party Data

  • by December 23, 2020
Revelations that Russian hackers likely breached the computer systems of U.S. government agencies and numerous big companies are a chilling reminder that publishers need to take steps to protect their networks. That's especially true for publishers that collect first-party data about readers to help their advertisers improve audience targeting.
The massive breach was first revealed by cybersecurity giant FireEye, which described the attacker as "a highly sophisticated state-sponsored adversary." The company later explained its systems were compromised through a malicious software update introduced in a product made by network-management company SolarWinds.
Unfortunately, hundreds of thousands of organizations use software made by SolarWinds, which said in a regulatory filing that as many as 18,000 customers used the malware-laced version of its Orion platform. Those customers include government agencies such as the U.S. Treasury and Department of Energy, and companies like Microsoft that do business with the government.
The federal government is concerned about the cyberattack, as seen last week in an emergency directive from the Cybersecurity and Infrastructure Security Agency, part of the U.S. Department of Homeland Security. It instructed all federal civilian agencies to review their networks and immediately stop using SolarWinds Orion products.
Only a handful of companies have publicly acknowledged they installed its tainted software — and the extent of any damage from data breaches is still unclear. Cisco Systems, Intel, Nvidia and VMWare were among the technology companies whose computers were infected with the software, The Wall Street Journal reported.

Cyberattacks often ensnare organizations in a thicket of internal investigations to determine whether hackers stole sensitive information and to assess the potential legal liability from the breach. In many cases, companies are reluctant to admit they experienced a breach because they want to avoid additional cyberattacks.
It's not yet clear whether the SolarWinds flaw affected any publishers, which should immediately consult their technology teams about any potential vulnerabilities in their computer networks. With many publishers warehousing first-party data about their readers, protecting that information is a priority.
Next story loading loading..