





Discover the valuable insights our consultants provide. Subscribe to our Insights blog to receive email alerts whenever we post something new!
On December 8, 2020, one of the world's largest security firms, FireEye, announced it had been hacked by a "highly sophisticated threat sector".
These state-sponsored hackers accessed its internal network and stole hacking tools FireEye uses to test the networks of its customers. During their investigation, FireEye announced on December 11th that SolarWinds Orion was the tool used to breach their defenses.
SolarWinds develops software to help manage computer networks and systems. Their Orion software is a tool that allows management of multiple systems through one interface. It allows IT departments to manage all of their computers at once. This also means it allows a threat actor to get anywhere in a computer network very quickly.
Should you be concerned?
Like most things in security, the answer is "it depends".
Security is about managing risk. If a company has Orion software installed, and it was updated in 2020, the bad guys have access inside of their network.
If you fit this scenario, it's time to shut off the software, follow the advice of the Cybersecurity and Infrastructure Security Agency (CISA), and reinstall the software. (CISA is a standalone United States federal agency, an operational component under the Department of Homeland Security).
If a company doesn't utilize Orion software, they may not be out-of-the-woods yet.
As security organizations analyze what happened during this breach, more things are being discovered. As an example, Microsoft announced last week that the threat actors had been able to look at the source code for their software. That doesn't mean anything yet, but it may lead to future breaches based on the knowledge they gained.
Keep an eye on the news, watch for updates, or contact SVA Consulting for a better understanding of the risks that need to be managed.
©2021 SVA Consulting
Contact@svaconsulting.com
800-366-9091
1221 John Q Hammons Dr. Suite 201 Madison, WI 53717
18650 W. Corporate Dr. Suite 205 Brookfield, WI 53045
1600 Utica Ave S, 9th Floor
Saint Louis Park, MN 55416
Los Angeles, CA
San Francisco, CA
New York Metro Area
©2021 SVA Consulting, LLC. All Rights Reserved. | Privacy Policy | Cookie Policy | CCPA