Cybersecurity | 17 May 2024 | 3 min read

SolarWinds Responds to CERT's Emergency Directive on Cyber Threats

SolarWinds acknowledges a significant cyber breach affecting its Orion Platform. The company details recovery steps and ongoing communications with CISA.

Key Takeaways

  • 1. "SolarWinds is committed to providing timely updates to our customers, recognizing that security and trust are paramount in our software solutions," said a spokesperson from SolarWinds.
  • 2. The company believes that versions **2019.4 HF 5**, **2020.2 unpatched**, and **2020.2 HF 1** are impacted, aligning with the guidance from the Cybersecurity and Infrastructure Security Agency (CISA) through their Emergency Directive 21-01, announced in December 2020.
  • 3. "We are providing a temporary script for customers unable to upgrade immediately, which can help protect their environments against the SUPERNOVA malware," the SolarWinds representative added.

SolarWinds recently faced a significant cyberattack that compromised its systems by introducing a vulnerability known as SUNBURST within the SolarWinds® Orion® Platform. This was made public in an advisory issued on April 6, 2021, as part of ongoing efforts to address the issue and inform users of affected versions of the platform.

The company believes that versions **2019.4 HF 5**, **2020.2 unpatched**, and **2020.2 HF 1** are impacted, aligning with the guidance from the Cybersecurity and Infrastructure Security Agency (CISA) through their Emergency Directive 21-01, announced in December 2020. This directive has seen multiple updates, ensuring that organizations remain vigilant against the advanced persistent threats highlighted.

"SolarWinds is committed to providing timely updates to our customers, recognizing that security and trust are paramount in our software solutions," said a spokesperson from SolarWinds. The ongoing situation continues to evolve as more information becomes available, notably through CISA.

On December 17, 2020, CISA released **Alert (AA20-352A)**, which detailed the advanced persistent threat affecting not only government agencies but also private sector organizations. As a response to the vulnerabilities identified, the agency's continuous updates highlight the urgency around the need for mitigation measures and strategic responses.

In the face of these cybersecurity challenges, SolarWinds has ensured its customers are informed. "We are providing a temporary script for customers unable to upgrade immediately, which can help protect their environments against the SUPERNOVA malware," the SolarWinds representative added. The script is currently accessible for download to assist those requiring interim protection while awaiting further updates.

For users of the Orion Platform, the latest version, **2020.2.5**, has been made available through the SolarWinds Customer Portal. The company recommends users check their current software versions and apply available hotfixes to safeguard their networks and data.

The comprehensive advisory issued by SolarWinds underlines the importance of remaining proactive in cybersecurity efforts. CISA continues to provide critical insights and resources, including a dedicated page on **CISA’s Supply Chain Compromise site** which aggregates ongoing developments related to this breach and subsequent attacks.

As stipulated by the Department of Homeland Security, the Emergency Directive is in place until all affected agencies implement the necessary patches. "It is essential that organizations take these directives seriously to enhance their security postures and protect against potential threats," warned a CISA official.

Further resources and updates can be found on SolarWinds’ dedicated Security Advisory page, emphasizing their commitment to transparency and ongoing communication with their customers. The company continues to ensure that appropriate safeguards are in place, reflecting their dedication to addressing cybersecurity challenges effectively.

Looking Ahead

The path forward for SolarWinds not only involves patching vulnerabilities but also reinforcing user trust through transparency and responsive action. The incident serves as a reminder of the evolving nature of cyber threats and the importance of remaining informed and prepared in the face of potential future breaches.