- ORION SOLARWINDS TRAINING SUPPLIER INSTALL
- ORION SOLARWINDS TRAINING SUPPLIER MANUAL
- ORION SOLARWINDS TRAINING SUPPLIER FULL
Once SolarWinds customers downloaded and implemented the compromised Orion versions, a backdoor would be opened to the adversaries, allowing them to take control of the server on which the Orion product was installed. In the SolarWinds’ Security Advisory cited by CISA, SolarWinds stated that the hackers, believed by SolarWinds to be associated with a nation state, were able to compromise the Orion software build system for certain versions of the software by inserting a backdoor in specific software updates released between March and June 2020.
ORION SOLARWINDS TRAINING SUPPLIER INSTALL
Once the threat actors have gained access to the service provider’s systems, they can leverage this access to attack the systems of the service provider’s business partners, such as those who purchase and install the provider’s software. In a supply chain attack, hackers infiltrate an organization’s systems by exploiting connections between the victim company and a service provider, such as a software provider. The SolarWinds attack is reportedly related to the recent attack on FireEye, which announced on Decemthat it had been compromised by a highly sophisticated threat actor, resulting in the theft of proprietary tools used by FireEye to help its customers locate and remediate network vulnerabilities.Ī Supply Chain Attack with Far Reaching Consequences CISA also published an alert encouraging affected organizations to consult advisories from both SolarWinds and FireEye, a security firm that had released its threat research on the hacking campaign earlier that day, including details on notable stealthy techniques used by the attackers. Although the Emergency Directive only requires action by federal civilian Executive Branch agencies, in announcing the Directive and on their Twitter page, CISA called on their partners in both the public and private sector “to assess their exposure to this compromise and to secure their networks against any exploitation,” recommending that “all organizations” review Emergency Directive 21-01.
ORION SOLARWINDS TRAINING SUPPLIER FULL
Public and Private Sector Organizations Encouraged to Take ActionĪs details regarding the full impact and scope of this attack unfold, on December 13, CISA issued Emergency Directive 21-01, requiring agencies to immediately take certain actions to combat the threat posed by the SolarWinds compromise. The Cybersecurity and Infrastructure Security Agency (CISA) within DHS has advised that both public and private sector organizations using certain Orion products may be at risk of compromise. As a result of this attack, several key government agencies have reported that hackers were able to break into their networks, including the Department of Homeland Security (DHS), as well as the Commerce and Treasury Departments. According to SolarWinds, this attack may affect as many as 18,000 customers. In this attack, adversaries were able to compromise the Orion software build system for certain versions of the software, and trojanized software updates were distributed to customers between March and June 2020.
ORION SOLARWINDS TRAINING SUPPLIER MANUAL
On Sunday, December 13, 2020, SolarWinds announced that it had learned of a “highly sophisticated, manual supply chain attack” by a nation state affecting its Orion Platform, which is used by a wide variety of public and private sector organizations for IT infrastructure monitoring and management.