Security News > 2020 > December > Backdoored SolarWinds software, linked to US govt hacks, in wide use throughout the British public sector

Concern is gathering over the effects of the backdoor inserted into SolarWinds' network monitoring software on Britain's public sector - as tight-lipped government departments refuse to say whether UK institutions were accessed by Russian spies.

Research by The Register has shown that SolarWinds' Orion is used widely across the British public sector, ranging from the Home Office and Ministry of Defence through NHS hospitals and trusts, right down to local city councils.

A job advert for the MoD's Corsham tech bunker lists SolarWinds as one of the tools used by a third-line software support engineer; similarly, a network design engineer job with the MoD's Defence Equipment and Support agency posted in May also listed SolarWinds proficiency as a "Nice-to-have" skill.

Microsoft has published a detailed technical blog about the SolarWinds compromise, speculating that the Russians may have "Compromised internal build or distribution systems of SolarWinds, embedding backdoor code into a legitimate SolarWinds library with the file name SolarWinds.Orion.Core.BusinessLayer.dll".

"Until such time as CISA directs affected entities to rebuild the Windows operating system and reinstall the SolarWinds software package, agencies are prohibited fromjoining the Windows host OS to the enterprise domain."

News URL

https://go.theregister.com/feed/www.theregister.com/2020/12/14/solarwinds_public_sector/