SolarWinds details Orion cyber attack
SolarWinds’ new CEO Sudhakar Ramakrishna has provided details into investigations into the compromise of its Orion network monitoring platform in a sophisticated cyber attack.
In an update, Ramakrishna said the company is working with DLA Piper, CrowdStrike, KPMG and other industry experts on a root cause analysis for the attack aimed at examining how malicious code was inserted into the software without its knowledge.
The investigation to date suggests the use of a “highly sophisticated and novel malicious code injection source” to insert the malicious code into the software.
The malware, which appears to have been carefully crafted to avoid detection, is so sophisticated that the US government and many private sector experts are speculating that a foreign nation state conducted the operation as part of a targeted attack on US cyberinfrastructure.
Analysis suggests that the attackers were able to circumvent threat detection techniques employed by SolarWinds, other private companies and even the US government. The code itself appears to have been designed to provide the perpetrators a way to enter a customer’s IT environment.
SolarWinds, CrowdStrike and KPMG have reverse engineered the code responsible for the attack as part of the investigation. The company has expressed concern that other software development environments could be vulnerable to a similar attack.
Why legacy systems have become cybersecurity's least trusted zone
Legacy systems are often portrayed as technical problems. However, in practice, they are a...
Why we need to redefine cybersecurity success to support CISOs
When Notifiable Data Breaches statistics are released we should look at the nature of the...
Is 2026 the year of identity? Just follow the money
What $40 billion in cyber acquisitions says about the future of identity security.
