Get Permission
The FBI, CISA and the ODNI are leading the U.S. government s response to the apparent cyberespionage operation that backdoored the widely used SolarWinds Orion network monitoring software.
American technology giants Cisco and Intel are among the thousands of organizations that have been affected by the supply chain attack targeting software vendor SolarWinds and, by extension, its customers.
The attack campaign, which was first revealed Sunday by FireEye, one of its victims, centers on the Orion network monitoring software from SolarWinds, a technology firm based in Austin, Texas, that until recently had a valuation of about $1 billion.
While SolarWinds may be relatively unknown, the company has 300,000 customers, of which nearly 18,000 may have been caught up in the supply chain attack, which involved attackers adding a backdoor to the company s Orion software, apparently by having infiltrated its software development pipeline (see:
DermSafe Hand Sanitizer Provides Effective Alternative as Hand Dermatitis Increases from Excessive Use of Alcohol Sanitizers and Increased Hand Washing
albuquerqueexpress.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from albuquerqueexpress.com Daily Mail and Mail on Sunday newspapers.
Get Permission
The Russian hacking group suspected of leveraging a tainted SolarWinds software update to infiltrate as many as 18,000 organizations is presenting a forensics challenge unlike any other.
To ensnare such a large group of private companies, government agencies and organizations is the equivalent of factory ocean trawler scraping the seabed. The question now for organizations is whether they were selected by the hackers for further probing, says Joe Slowik, senior security researcher at DomainTools (see:
“There’s a lot of work to do,” Slowik says. “I expect a lot of holidays, unfortunately, to be ruined by this activity as many organizations try to understand what their exposure was and whether or not they were impacted by this.”
Get Permission
SolarWinds has removed a list of selected customers from its website (above) following the discovery that its Orion software had been Trojanized and used to hack an unknown number of users.
As befits any data breach investigation that is rapidly unfolding in the public eye, more details about the SolarWinds breach continue to appear seemingly on an hourly basis.
Unfortunately, newly discovered victims are continuing to come forward at nearly the same pace, especially because attackers appear to have been operating undetected for at least nine months after successfully Trojanizing multiple versions of SolarWinds Orion network-monitoring security software, beginning in March. The Trojanized software was still available for download on Monday, and for some breached organizations, attackers may still be inside their network.
Source: U.S. Cybersecurity and Infrastructure Agency s Emergency Directive 21-01
Numerous security alerts have been issued regarding the supply chain attack targeting software vendor SolarWinds and, by extension, its customers.
The full scope of the attack campaign, which was first revealed Sunday by FireEye - one of its victims - remains unclear, as does the complete roster of victims. The U.S. Treasury and Commerce Department have acknowledged they have been affected by these attacks, and on Monday, the Washington Post and Reuters reported that the Department of Homeland Security might have been affected as well. Plus, late Monday news reports said the Department of Homeland Security, State Department and National Institutes of Health were also hit.
vimarsana © 2020. All Rights Reserved.