By Ilan Barda, CEO, Radiflow
The News
Earlier this week it was revealed that SolarWinds, whose Orion software is a very popular tool for managing IT networks, has been the victim of a massive supply chain attack that has affected thousands of businesses as well as US government agencies.
The attack involved penetrating the SolarWinds network and infecting an official update version of the Orion software. As a result, over a period of several months, malware-weaponized Orion updates were downloaded around 18,000 times, which allowed the malware to enter the customers’ internal networks.
Once installed in the customer’s network, the malware was able to communicate with its external control servers by masquerading as SolarWinds’ own protocol and by applying multiple additional detection-avoidance mechanisms, such as using C&C servers in the victim’s country, among others.
According to some sources, the attack was perpetrated by government-sponsored hackers (allegedly Russia) aiming to penetrate critical US networks.
Behind the News: Key Takeaways
Prevention: Continuous Threat and Risk Monitoring
Radiflow provides a comprehensive solution for Industrial Threat Detection & Monitoring and Industrial Risk Assessment & Management. You are also welcome to request a demo of Radiflow solutions.