If you’re not up to date on the news: The SolarWinds Orion network monitoring software, used by more than 18,000 organizations all over the world, was compromised several months ago. An update, downloadable from the SolarWinds update server, was poisoned with a malicious backdoor. This backdoor allowed unknown threat actors to spy on SolarWinds Orion customers and potentially control their systems remotely or escalate into their networks.

The original attack vector remains unknown but there are hints that might give us a clue of what originally happened. Since the first traces of the backdoor being used date back to March 2020, it is very probable that SolarWinds was hacked at the beginning of 2020 or in late 2019. This is in line with certain Tweets that suggest that SolarWinds had an open repository on GitHub and used weak passwords. Openly accessible repositories and exposed databases account for some of the biggest hacks in recent years and common password vulnerabilities are often the underlying cause of major break-ins.

Another potential vector is that the SolarWinds Office 365 account was supposedly compromised, according to information that SolarWinds received from Microsoft. SolarWinds believes that data contained in emails might have allowed the attackers to gain access to other systems (which also suggests poor email culture – you should not use email to send sensitive data). This yet again suggests that it might have been a weak password policy that has been the underlying cause of the breach.

We at Acunetix and Invicti are deeply concerned with the aftermath of the SolarWinds hack and offer our deepest commiserations to all the security personnel who are facing this situation just before Christmas, and to SolarWinds themselves who have been an unwilling agent to the compromise of more than 18,000 organizations.

At the same time, we would like to reassure our customers, partners, and prospects that we are not a customer of SolarWinds and are therefore not in any way affected by this hack. As always, we continue to take the utmost care to ensure that our on-premises and online software and our update download servers are not compromised in any way.