Express Computer
Home  »  News  »  FireEye, Microsoft confirm SolarWinds supply chain attack

FireEye, Microsoft confirm SolarWinds supply chain attack

0 145

Global cybersecurity firm FireEye that faced a data breach last week has revealed that hackers believed to be operating on behalf of a foreign government breached software provider SolarWinds and then deployed a malware in its Orion software to infect multiple US companies and government networks, including itself.

The revelation came after the Washington Post reported on Sunday that a hacker group backed by the Russian government is behind data breaches at the Treasury and Commerce departments and other US government agencies.

The group, known as APT29, or Cozy Bear, is also behind the attack on FireEye, accessing its internal network and stealing hacking tools the company uses to test the networks of its customers.

According to FireEye, the global hacking campaign introduced a compromise into the networks of public and private organizations through the software supply chain.

“This compromise is delivered through updates to a widely-used IT infrastructure management software — the Orion network monitoring product from SolarWinds. The campaign demonstrates top-tier operational tradecraft and resourcing consistent with state-sponsored threat actors,” said Kevin Mandia, FireEye CEO.

The attacks required meticulous planning and manual interaction.

“We believe it is critical to notify all our customers and the security community about this threat so organizations can take appropriate steps, FireEye said in a statement late on Sunday, adding that the company has updated its products to detect the known altered SolarWinds binaries.

In a separate security advisory, SolarWinds said the attack was likely conducted by an outside nation state and intended to be a narrow, extremely targeted, and manually executed attack, as opposed to a broad, system-wide attack.

“We are recommending you upgrade to Orion Platform version 2020.2.1 HF 1 as soon as possible to ensure the security of your environment. The latest version is available in the SolarWinds Customer Portal”.

However, neither FireEye nor SolarWinds revealed how many customers were impacted due to the attack.

“We are working to investigate the impacts of this incident and will continue to update you as we are made aware of any interruptions or impact to your business specifically,” SolarWinds said.

Microsoft has named the malware Solorigate and added detection rules to its Defender antivirus. FireEye has named the malware SUNBURST.

–IANS

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image