SolarWinds Under Siege
SolarWinds disclosed Sunday that it experienced a highly sophisticated, manual supply chain attack on versions of its Orion network monitoring product released between March and June of this year. The company said it’s been told the attack was likely conducted by an outside nation state and intended to be a narrow, extremely targeted, and manually executed attack, though no specific country was named.
A FireEye blog post states that hackers gained access to numerous public and private organizations through trojanized updates to SolarWinds’ Orion software, but didn’t disclose the identity of any of the victims. Media reports have attributed attacks on the U.S. Treasury and Commerce Departments as well as FireEye to a vulnerability in the Orion products, but SolarWinds said Monday it’s still investigating.
The colossal SolarWinds breach is sending shockwaves through Capitol Hill and Fortune 500 corner offices alike given the high-profile nature of the reported victims and the presumed involvement of Russian intelligence services. From how the hackers evaded detection to why federal agencies must power down Orion to its impact on the SolarWinds MSP business, here are the big things to know about the SolarWinds hack.