This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties. Members and Law enforcement use only. Contact us for any permissions. To do otherwise will result in the loss of membership.
Complete Story
12/21/2020
VERT Alert: SolarWinds Supply chair Attack
TripWire
Vulnerability Description
The United States Cybersecurity & Infrastructure Security Agency (CISA) has advised that an advanced persistent threat (APT) actor was able to insert sophisticated malware into officially signed and released updates to the SolarWinds network management software. The attacks have been ongoing since at least March 2020 and CISA has warned that many high-value targets within government, critical infrastructure, and the private sector have been compromised. Private security firm FireEye has also disclosed that the attackers were able to steal their private collection of hacking tools and techniques used for security audits.
Exposure and Impact
Successful compromise through the SolarWinds Orion backdoor could lead to complete compromise of a targeted network. Compromised network management software (NMS) provides deep access for an attacker to move laterally through a network and obtain credentials. Although not all organizations installing the backdoored version of the SolarWinds Orion software were necessarily compromised, all such organizations must assume that their network may be fully compromised.
Alerts
The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.
more information
Resources
Your electronic library to help in fighting financial fraud for all of our partners.
more information