The SolarWinds hack is a strong reminder why third-party risk management is so important.
If the answer to the first question is “No,” there’s no need to continue further. Some of these questions should include the following:
Many clients will also want to check with their vendors, especially those with personal identifiable information (PII)/sensitive data access, as to whether those vendors were using the compromised version of the SolarWinds tools. Additional detection methods have been noted in an article from the UK National Cyber Security Centre, which can be found here. A federal task force - which includes the FBI, CISA, ODNI and NSA - has been created to help further investigate and mitigate damage.įirst, if any organization uses SolarWinds themselves, it’s critical to verify whether they’re using an affected version.A class-action lawsuit has been filed against some of the top SolarWinds executives, citing poor data security practices and possible collusion.
#SOLARWINDS BREACH CODE#
Microsoft admitted that the attackers gained access to some of its source code via third-party resellers of its licenses, but the company insists they couldn’t have made any modifications to the code.The New York Times reported that the SolarWinds supply chain attack is believed to have impacted as many as 250 government agencies and businesses.While the aftermath of the breach is still unfolding, here are a few of the most recent updates: Likely, the trickle-down effect of this hack has only just begun.
#SOLARWINDS BREACH SOFTWARE#
Many Microsoft software licenses are sold through third parties, and those organizations can have near constant access to clients' systems as the customers add products or employees, making it even more critical to monitor the risk and access associated with third parties. For example, Microsoft is one of the affected parties. The domino effect of this attack is among the worst we’ve seen, and almost daily, an increasing number of affected parties are coming out of the woodwork - many of which are resellers of affected software themselves. Any system which came in contact with the compromised software may be infected or ravaged of sensitive information. The attack allowed hacker compromised software to be installed on the systems running certain tools offered by SolarWinds (Orion) and while SolarWinds has provided updated versions of the software, unfortunately, the damage has already been done. Just a few weeks ago, FireEye - a leading cybersecurity company - reported that it had been hacked, and in the process, also identified that SolarWinds’ IT monitoring and management software, Orion, had been compromised by the same crusade. To get a bit more specific, SolarWinds provides many information technology tools which support network monitoring. military and four-fifths of the Fortune 500 companies), has recently found itself at the center of an international hacking crusade affecting some of our country’s largest vendors. Texas-based enterprise monitoring software provider, SolarWinds, which serves as a vendor for more than 300,000 customers (both public and private, including every branch of the U.S. For those who still have questions, we’ll outline some background, go over what’s been uncovered so far and offer some solutions should you find your organization may be affected. The SolarWinds data hack has left many scrambling to pick up the pieces, while many set out to figure out how this happened in the first place. And, when a really nasty one occurs, especially one that could potentially threaten national security, we feel the effects alongside the rest and are strongly reminded why third party-risk management is so important. As third-party risk professionals, we’re all too familiar with data breaches and bad actors.
0 kommentar(er)
