Weekly Intelligence Summary 18 December

December 18, 2020

The US-based IT company SolarWinds confirmed that its network management system, Orion Platform, was exploited to conduct a highly sophisticated, manual supply-chain attack. According to SolarWinds, a threat actor obtained access to the company’s systems and implanted malicious code into Orion software builds. Approximately 18,000 SolarWinds customers then installed malicious Orion updates that enabled the attacker to deploy a backdoor, dubbed SUNBURST or Solarigate, into victims’ systems and steal information. It is highly likely that a state-sponsored threat actor/group is responsible but, at the time of writing, there is not enough information to confirm this. Although the attacker’s motives and future intentions are not clear, they will likely use stolen information to conduct additional attacks in the short-term future (one to three months).
