Security News > 2021 > May > SolarWinds Shares More Information on Cyberattack Impact, Initial Access Vector

SolarWinds Shares More Information on Cyberattack Impact, Initial Access Vector
2021-05-10 10:39

Texas-based IT management company SolarWinds on Friday shared more information on the impact of the significant breach disclosed late last year, and claimed that less than 100 of its customers were actually hacked.

Initial reports said more than 250 organizations were actually breached, but the U.S. government later said that it had identified roughly 100 private sector companies and 9 federal agencies whose systems were targeted by the attackers.

The blog post, a copy of which has also been submitted to the U.S. Securities and Exchange Commission, also provides more information on the attacker's activities while it had access to SolarWinds systems.

In the case of the email accounts, SolarWinds is still working on determining exactly what type of personal information may have been compromised.

As for how the attackers breached its systems in the first place, SolarWinds says three initial access vectors seem the most likely at this point: a zero-day vulnerability in a third-party device or app, a brute-force attack, or social engineering.

"While we don't know precisely when or how the threat actor first gained access to our environment, our investigations have uncovered evidence that the threat actor compromised credentials and conducted research and surveillance in furtherance of its objectives through persistent access to our software development environment and internal systems, including our Microsoft Office 365 environment, for at least nine months prior to initiating the test run in October 2019," SolarWinds said.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/a05GSE3cas8/solarwinds-shares-more-information-cyberattack-impact-initial-access-vector

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Solarwinds 45 1 84 103 43 231