SolarWinds details Orion cyber attack
SolarWinds’ new CEO Sudhakar Ramakrishna has provided details into investigations into the compromise of its Orion network monitoring platform in a sophisticated cyber attack.
In an update, Ramakrishna said the company is working with DLA Piper, CrowdStrike, KPMG and other industry experts on a root cause analysis for the attack aimed at examining how malicious code was inserted into the software without its knowledge.
The investigation to date suggests the use of a “highly sophisticated and novel malicious code injection source” to insert the malicious code into the software.
The malware, which appears to have been carefully crafted to avoid detection, is so sophisticated that the US government and many private sector experts are speculating that a foreign nation state conducted the operation as part of a targeted attack on US cyberinfrastructure.
Analysis suggests that the attackers were able to circumvent threat detection techniques employed by SolarWinds, other private companies and even the US government. The code itself appears to have been designed to provide the perpetrators a way to enter a customer’s IT environment.
SolarWinds, CrowdStrike and KPMG have reverse engineered the code responsible for the attack as part of the investigation. The company has expressed concern that other software development environments could be vulnerable to a similar attack.
Why Macs could become an Achilles heel for businesses in 2025
As Macs continue to gain traction in the corporate world, their appeal to cybercriminals will...
Building a critical infrastructure security dream team
Today it's essential to have a strong cyber strategy, with all corners of the business aware...
The AI regulation debate in Australia: navigating risks and rewards
To remain competitive in the world economy, Australia needs to find a way to safely use AI systems.
