A zero-day vulnerability in SolarWinds MSP’s remote monitoring and management (RMM) tool n-Central announced in January 2020 allowed security researchers to steal the administrative credentials of an account holder, security vendor Huntress said at the time. This isn’t the first time that SolarWinds’ technology has been open to exploitation.
Hack comes months after zero-day exploit of RMM tool
From how the hackers evaded detection to why federal agencies must power down Orion to its impact on the SolarWinds MSP business, here are the big things to know about the SolarWinds hack.

The colossal SolarWinds breach is sending shockwaves through Capitol Hill and Fortune 500 corner offices alike given the high-profile nature of the reported victims and the presumed involvement of Russian intelligence services. Media reports have attributed attacks on the US Treasury and Commerce Departments as well as FireEye to a vulnerability in the Orion products, but SolarWinds said Monday it’s still investigating. The company said it’s been told the attack was likely conducted by an outside nation state and intended to be a narrow, extremely targeted, and manually executed attack, though no specific country was named.

A FireEye blog post states that hackers gained access to numerous public and private organisations through trojanized updates to SolarWinds’ Orion software, but didn’t disclose the identity of any of the victims.
SolarWinds disclosed Sunday that it experienced a highly sophisticated, manual supply chain attack on versions of its Orion network monitoring product released between March and June of this year.