1. SolarWinds Hack Sent Shockwaves Throughout World
The manual supply chain attack against SolarWinds’ Orion network monitoring platform was uncovered in December and has sent shockwaves throughout the world, with suspected Russian government hackers gaining access to U.S. government agencies, critical infrastructure entities and private sector organizations.
The injection of malicious code into Orion between March and June 2020 allowed hackers believed to be with the Russian foreign intelligence service, or APT29, to compromise Microsoft, VMware, Cisco and FireEye, as well as the U.S. Departments of Commerce, Defense, Energy, Health and Human Services, Homeland Security, State and Treasury, according to reports from Reuters and The Washington Post.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered all federal civilian agencies Dec. 13 to power down SolarWinds Orion products until all hacker-controlled accounts and identified persistence mechanisms have been removed. CISA said it has evidence of additional initial access vectors beyond SolarWinds Orion, but noted those other intrusion methods are still being investigated.