SolarWinds: Wide-Reaching Hack Pulls at The Fibers Of Private And Public Infrastructure
December 21, 2020
SolarWinds is notoriously affordable yet robust network monitoring software. It detects, diagnoses, and attempts to resolve any problems it finds. Many found this software alluring. However, many IT companies and SolarWinds users have been subjected to a wide-reaching hack, according to the Cybersecurity and Infrastructure Security Agency (CISA).
The Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive 21-01 commenting on the SolarWinds software hack. The directive states that “This Emergency Directive calls on all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately.” CISA Acting Director Brandon Wales urges, “The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks.” They state that both public and private sectors have been compromised. CISA states that “This is the fifth Emergency Directive issued by CISA under the authorities granted by Congress in the Cybersecurity Act of 2015. All agencies operating SolarWinds products should provide a complete report to CISA by 12 pm Eastern Standard Time on Monday, December 14, 2020.” These reports urge users of SolarWinds products to stay vigilant.
This hack is very concerning not only to CISA but also to the United States Treasury and Commerce departments. According to the Washington Post, “Russian government hackers breached the Treasury and Commerce departments, along with other U.S. government agencies, as part of a global espionage campaign that stretches back months, according to people familiar with the matter.” The breach is said to have been going on for several months, unbeknownst to officials.
The Washington Post continues: “The Russian hackers, known by the nicknames APT29 or Cozy Bear, are part of that nation’s foreign intelligence service, the SVR, and they breached email systems in some cases, said the people familiar with the intrusions, who spoke on the condition of anonymity because of the sensitivity of the matter.” According to the Washington Post, the same group that perpetrated this attack also hacked the Obama administration’s email servers.
The Washington Post reports that “SolarWinds said Sunday in a statement that monitoring products it released in March and June of this year may have been surreptitiously weaponized in a ‘highly-sophisticated, targeted . . . attack by a nation-state.’ The company filed a document Monday with the Securities and Exchange Commission saying that ‘fewer than 18,000’ of its more than 300,000 customers may have installed a software patch enabling the Russian attack.” The Washington Post goes on to state that “It was not clear, the filing said, how many systems were actually hacked.” The full reach of the hack is still not known.
Concerns continue to mount, with the Washington Post stating that “The corporate filing also said that Microsoft’s Office 365 email may have been ‘an attack vector’ used by the hackers. Microsoft said in a blog post Sunday that it had not identified any Microsoft product or cloud service vulnerabilities in its investigation of the matter.” With so many concerns and still little information about how far this Russian-perpetrated attack may reach, the need to stay secure is more important than ever.
Synergy Infosec is here to help with any issues you or your business may encounter. Synergy Infosec offers our easy-to-use tools and scanners dashboard as well as our one-of-a-kind 24/7 consulting services to help you or your business when you need it most.
The first thing any company should think of is protecting their business. Our cybersecurity scanners and tools will protect your business product, so you can focus on conquering the market and leaving your competitors far behind!