If you haven’t heard about the cyberattack on SolarWinds, it was devastating for many reasons. Microsoft has now officially uncovered yet another type of malware that was used to attack the software provider. This time around, it was a backdoor threat called the FoggyWeb Threat. So, let’s look into what this threat does and why it is so important to look into it.
Beginning in April, security researchers assigned the blame for the SolarWinds attack on the Russian Foreign Intelligence Service. But not only this, but Microsoft discovered that there were various modules used by the attacked group, which is a collective called Nobelium. Nobelium uses malware like GoldFinder, GoldMax and Sibot. There were other types of malware that were previously known to researchers including Teardrop, Sunspot and Sunburst/Solorigate. FoggyWeb installs a backdoor on already compromised servers.
Backdoors allow hackers to have all kinds of access to your computer systems. They can be used to access networks at any time and can be used to install malware, spy on users, access sensitive data and more. Backdoors are incredibly dangerous for businesses because of these reasons and many more.
FoggyWeb is specifically used to steal configurations and credentials from compromised servers. With these credentials, they can stay on the infrastructure even after they have been taken off of it. These credentials can also be used to control access to assets and important information. The FoggyWeb threat can also receive commands remotely to pull off even more dangerous stunts and cause a ton of trouble.
You need to be certain that your business does not fall victim to these types of threats. You should always have a multi-faceted approach to network security in order to keep your company safe. These approaches include network monitoring so suspicious activity can’t get through, user controls, and other important security solutions.
Luckily, MyTek has all of these solutions available for you. We can be the helping hand to keep your business safe, so give us a call today at 623-312-2444 to learn more.