Remediation Steps for SolarWinds Orion

It’s no secret that recent headlines have consistently featured cyber-attacks on a variety of companies and industries. Last week’s FireEye breach was significant and represents what appears to be nation-state activity targeting our infrastructure using one or more supply-chain attacks. By-products of this attack are surfacing with each passing day.

Yesterday, DHS announced one of these by-products, affecting the SolarWinds platform ‘Orion,’ and highlighted several suggested actions for SolarWinds consumers to take to secure their environments.

In summary, a malicious update to the platform was released that effectively enabled a backdoor into systems within environments monitored by this platform. It’s noteworthy that this exploit was triggered by the same supply-chain issue as the FireEye breach.

It also highlights the growing concern posed by ‘fourth party risk’ whereby we’ve all become so interconnected that if one system is compromised, all others must take action to ensure their vulnerabilities are addressed.

SolarWinds released a statement and recommended actions on the matter as well. Chris Krebs, former director of CISA, captures the appropriate tone; you will find it in the bottom article linked below:

“If you’re a SolarWinds customer & use the below product, assume compromise and immediately activate your incident response team. Odds are you’re not affected, as this may be a resource-intensive hack,” said Christopher Krebs, former director of CISA. Krebs also shared his confidence in CISA and his suspicion that the cyberattack “has been underway for many months.”

The EVOTEK Security Team is here to assist. If you have an immediate need, please contact us today. Alternatively, you can register for this Wednesday’s Executive Intelligence briefing or January’s Security Summit.

Stay safe, informed, distanced, and masked. 😷
