Orion Malware Hack Increases The Need To Fortify A Vendor's Back Door

February 11, 2021

Microsoft has recently reported that they have identified and removed malicious programing that infected its network via a widely-used network management system called Orion. This malware, inserted into an Orion software update, is suspected to be just one strategy of a larger, ongoing cyberattack out of Russia.

Microsoft has been watching for signs of malicious code since learning of the malware. They state the breach has not involved "production services or customer data," and that they will continue to monitor system activity. The software leader was also able to identify several of its customers who had infected versions of the Orion software.

The cybersecurity division of the Department of Homeland Security says this cyberattack is aimed at government agencies, private businesses, and infrastructure entities. M Corey Goldman "Microsoft Sounds Alarm Over SolarWinds Cyber Attack" www.thestreet.com (Dec. 18, 2020).

 

Commentary

Officials from SolarWinds and the cybersecurity firms investigating the malware attack recently reported success in locating the malware’s source code and determining how the malicious code infiltrated the IT systems of Orion’s customers. The cybercriminals designed the malicious code to resemble legitimate network traffic, making it difficult to detect. M Corey Goldman “SolarWinds Says It Has Found Source of Massive Cyberattack” www.thestreet.com (Jan. 12, 2021).

Although the immense size of the Orion software hack is unprecedented, cybersecurity risk from third-party sources is not new.

In 2013, Target’s system breach that compromised millions of customers’ personal data, was later found to be linked to a network hack of its HVAC service provider. Hackers breached the network of the U.S. Office of Personnel Management in 2015 via its third-party supplier of background checks, stealing the identities of millions of government employees.

As organizations move to a broader remote-workplace environment, many are looking to third-party suppliers for support. Be sure to restrict access to your networks whenever possible. If third-party access to your network is necessary, make certain you evaluate the associated cybersecurity risk as part your larger risk assessment and contract management process.

Finally, your opinion is important to us. Please complete the opinion survey:

News

So Where Is All The Malware Hidden On Your System?

Cybercriminals are using new technology and techniques to evade detection. Learn more about how malware is hidden from antivirus software. Read More

Are You Practicing Webcam Security?

Hackers can access a webcam and it could simply be on without your knowing. Read tips for staying safe around devices with cameras. Read More

Why Your Organization Needs A Security Breach Notification Plan

All states have laws requiring organizations to notify individuals whose personal data is hacked. Learn more about why. Read More