SolarWinds Orion Attack
By Frederick Johnson, Vice President - Cybersecurity & Digital Forensics
You may have heard about a major cybersecurity breach reported in the news media, involving a large number of U.S. government federal agencies, large private and public companies, and individuals. These reports indicate that this breach involves a common piece of IT monitoring software named Orion, developed by SolarWinds, which may have been hacked by nations outside the United States.
It appears to have affected more than 18,000 of SolarWinds’ customers, including some of the largest IT providers in the world such as Microsoft. Microsoft, in concert with GoDaddy, is working to stop the malware from successfully operating.
SolarWinds has issued a software update (version 2020.2.1 HF2) which it recommends all customers install immediately on top of existing Orion implementations. Marcum Technology also recommends contacting your IT service to confirm that it is not currently susceptible to attack through this exploit.
We further recommend you continue to monitor this situation.
If you have questions or need assistance, Marcum Technology can also work with you to determine which of your systems and vendors could be susceptible to attack. Contact us at [email protected] to learn more about how we can help you manage your risk.