
SolarWinds Issues Fix After Massive Hacking Campaign

Network tools maker SolarWinds has issued security fixes for its flagship Orion platform after the tool was discovered to have been used in a major hacking campaign earlier this month.

The company said it issued two patches on 14 and 15 December, a day after it disclosed on 13 December that Orion had been hacked.

The company also released fixes for all other versions of the Orion platform, including a fix for customers using unsupported versions.

“Sunburst” refers to what SolarWinds called a “very sophisticated supply chain attack” that inserted a vulnerability into Orion.

‘Supernova’

It later emerged the platform had also been hacked by a second, unrelated malware strain, called “Supernova”, which was deployed via a previously undetected software vulnerability in Orion.

The security fixes protect customers against both Sunburst and Supernova, SolarWinds said.

Following the company’s initial disclosure of the hack, it emerged that Orion had been used to breach numerous US government departments and private companies.

The “Sunburst” attack is currently known to have affected the US Treasury Department, the National Telecommunications and Information Administration and the Department of Homeland Security, as well as Microsoft, Cisco, Intel, Nvidia and UK accountants Deloitte.

A UK security source has said a small number of British organisations are likely to have been affected.

Nation-state hack

Some industry watchers have indicated it could take more than a year for organisations to determine whether they have been affected by the attack, which began in March.

US lawmakers have indicated they suspect Russian hackers to have carried out the “Sunburst” attack with the backing of the country’s government, although no attribution has yet formally been made.

“It’s clearly a sophisticated intelligence operation and no doubt was done by a state actor. And we’ll get around to attribution of that at a time and place of our choosing,” US national security adviser Robert O’Brien told Fox News.

Russia has denied any connection to the attack.

Liviu Arsene, a researcher at Bitdefender, said attacks on the supply chain are likely to become more common next year.

“Either for political or economic reasons, supply chain attacks will likely affect even industry verticals that have rarely been hit in the past, such as real-estate or healthcare,” he said.

He added that research, pharmaceuticals and healthcare organisations are likely to face increased threats.

Matthew Broersma

Matt Broersma is a long-standing tech freelance who has worked for Ziff-Davis, ZDnet and other leading publications.
