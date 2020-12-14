SolarWinds' Orion monitoring platform may have been tampered with by attackers

By on
SolarWinds' Orion monitoring platform may have been tampered with by attackers

Possible connection to FireEye, US Treasury breaches.

SolarWinds said monitoring products it released in March and June of this year may have been surreptitiously tampered with in a “highly-sophisticated, targeted and manual supply chain attack by a nation state.”

"We are aware of a potential vulnerability which, if present, is currently believed to be related to updates which were released between March 2020 and June 2020 to our Orion monitoring products," president and CEO Kevin Thompson said in a statement.

Orion is marketed as a way to keep tabs on IT environments that contain "on-premises, hybrid, and software as a service (SaaS)" based workloads.

SolarWinds' disclosure came as the US intelligence community urgently investigates breaches at several government agencies, including the US Treasury and Department of Commerce. 

The breach - which two people familiar with the investigation said was connected to a previously announced intrusion at cybersecurity firm FireEye - is currently believed to be the work of Russians.

Earlier news reports pointed at Office 365 as the potential entry point into the departmental systems, but this may now be in doubt with the SolarWinds disclosure.

SolarWinds did not directly comment on the breaches but said it is “acting in close coordination with FireEye, the FBI, the intelligence community, and other law enforcement to investigate these matters."

"As such, we are limited as to what we can share at this time," Thompson added.

Additional reporting by iTnews.

