Security News > 2021 > February > Many SolarWinds Customers Failed to Secure Systems Following Hack

Many SolarWinds Customers Failed to Secure Systems Following Hack
2021-02-15 16:00

Many companies still expose SolarWinds Orion to the internet and have failed to take action following the disclosure of the massive SolarWinds breach, according to RiskRecon, a Mastercard company that specializes in risk assessment.

Threat actors believed to be backed by Russia breached Texas-based IT management firm SolarWinds and used that access to deliver a piece of malware named Sunburst to roughly 18,000 customers who had been using the company's Orion monitoring product.

The delivery of Supernova required access to the targeted network and involved exploitation of a zero-day vulnerability in Orion, which SolarWinds patched shortly after its existence came to light.

Only 8% of these companies have applied the Orion update released by SolarWinds in response to the breach.

Even more concerning is that 4% of the companies that expose Orion still use a version containing the Sunburst code.

Smith also said the attackers had written roughly 4,000 lines of code that were then delivered to customers of SolarWinds' Orion product.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/TOIRmQIGivQ/many-solarwinds-customers-failed-secure-systems-following-hack

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Solarwinds 44 0 80 95 40 215