When it comes to risk and security in many applications, after the initial implementation, no one really owns or is accountable for updating and resolving issues, leaving room for hackers to find way in. Managed Service Providers have been major targets for hackers in the last year and folks are expecting the number of cyber-attacks will more than triple in 2021. Now every company, no matter the industry, has to be a cyber security expert. How do you keep your systems, and your company data, safe? Moser can help with a plan to build resilience and strength in your systems.
Here is what you need to know about the most current SolarWinds Breach.
- What was the SolarWinds Attack and how did companies start becoming aware of it?
- On December 14, Moser was notified by both the SolarWinds Orion Application Team and the SolarWinds N-Central MSP Application Team that a highly sophisticated, manual supply chain attack on SolarWinds® Orion® Platform had happened to software builds for versions 2019.4 through 2020.2.1. As a current SolarWinds N-Central user, we were informed that the attack did not impact the N-Central or any of the SolarWinds MSP products.
- SolarWinds took immediate steps to address the attack, issuing a cybersecurity advisory and urging customers to upgrade to the latest version, while releasing a new hotfix to mitigate the issue.
- Once we received word we were not impacted by the attack, Moser send notification to our clients that Moser was aware of the attacks and that we are not an Orion user as well as ensured them that our tools were not impacted.
- What is the potential risk to companies that use SolarWinds software?
- Although nothing has been officially posted we do know the attacks did hit key government agencies, such as the Treasury Department, the Pentagon and major tech companies like Microsoft. However, based on this attach Microsoft did take action and created a kill switch for the Orion backdoor (.dll) in which the hack initiated.
- What did Moser do to address the situation?
- Once we got word from the Orion team, we contacted the N-Central team to confirm if this impacted our tools. They responded quickly to inform us that no impact to the N-Central platform but did look to implement new security certificates and encouraged all customer to upgrade to latest release, which we currently run.
- Is it now safe or what comes next?
- This a difficult question to answer, in all fairness to SolarWinds they are doing everything they can to remediate the issue. But, it is not safe. A number of analysts continue to believe these attacks will be ongoing. A number of companies and government agencies are calling for an immediate power down of all SolarWinds Orion products. Which levels a number of companies with monitoring and performance management tools in place. The biggest change will be how organizations patch, update and certify software packages moving forward.
If you have any questions about security for your systems, or for an evaluation of risks, call your Moser representative, engagement manager, or fill out the form to be called back.