Exploit: Hacking (Nation-State)
SolarWinds: Cybersecurity Software Developer
Risk to Business: 1.122 = Extreme
An incursion by suspected Russian nation-state hackers at this major cybersecurity solutions provider is believed to be the starting point of a massive hacking incident impacting a number of federal agencies and defense assets. The hackers were able to obtain authentic credentials that enabled them to inject code into a routine software patch, opening backdoors into client files and systems.
As you’ve likely seen reported, SolarWinds discovered a supply chain attack compromising their Orion business software updates that distributed malware known as SUNBURST. The malware permits an attacker to gain access to network traffic management systems, and the attacker can leverage this to gain elevated credentials. This compromise was used to target the cybersecurity firm FireEye, as well as multiple U.S. government agencies. For more information on the details of the breach, please see the advisory from the Cybersecurity & Infrastructure Security Agency.
DHS 20-21 is an Emergency Directive to disconnect any server or device running SolarWinds Orion.
FireEye is a product used to simulate an attack on an organization.