
SolarWinds Issues Fix After Massive Hacking Campaign

Network tools maker SolarWinds has issued security fixes for its flagship Orion platform after the tool was discovered to have been used in a major hacking campaign earlier this month.

The company said it issued two patches on 14 and 15 December, a day after it disclosed on 13 December that Orion had been hacked.

The company also released fixes for all other versions of the Orion platform, including a fix for customers using unsupported versions.

“Sunburst” refers to what SolarWinds called a “very sophisticated supply chain attack” that inserted a vulnerability into Orion.


It later emerged the platform had also been hacked by a second, unrelated malware strain, called “Supernova”, which was deployed via a previously undetected software vulnerability in Orion.

The security fixes protect customers against both Sunburst and Supernova, SolarWinds said.

Following the company’s initial disclosure of the hack, it emerged that Orion had been used to breach numerous US government departments and private companies.

The “Sunburst” attack is currently known to have affected the US Treasury Department, the National Telecommunications and Information Administration and the Department of Homeland Security, as well as Microsoft, Cisco, Intel, Nvidia and UK accountants Deloitte.

A UK security source has said a small number of British organisations are likely to have been affected.

Nation-state hack

Some industry watchers have indicated it could take more than a year for organisations to determine whether they have been affected by the attack, which began in March.

US lawmakers have indicated they suspect Russian hackers to have carried out the “Sunburst” attack with the backing of the country’s government, although no attribution has yet formally been made.

“It’s clearly a sophisticated intelligence operation and no doubt was done by a state actor. And we’ll get around to attribution of that at a time and place of our choosing,” US national security adviser Robert O’Brien told Fox News.

Russia has denied any connection to the attack.

Liviu Arsene, a researcher at Bitdefender, said attacks on the supply chain are likely to become more common next year.

“Either for political or economic reasons, supply chain attacks will likely affect even industry verticals that have rarely been hit in the past, such as real-estate or healthcare,” he said.

He added that research, pharmaceuticals and healthcare organisations are likely to face increased threats.

Matthew Broersma

Matt Broersma is a long-standing tech freelance who has worked for Ziff-Davis, ZDnet and other leading publications.
