What is Solarwinds Orion Hack?

The United States of America recently issued an emergency directive on all federal civilian Agencies to power down their solarwinds Orion IT management tools. The direction was issued due to a security breach.

The Cybersecurity and Infrastructure Security Agency (CISA) of the United States recently issued an emergency directive in response to known compromise involving solarwinds Orion products. The IT management tool of the solarwinds Orion had been used to hack several Federal Agencies.

 What is the issue?

The solarwinds recently was made aware of an attack vector that was used to compromise the company emails.  The email compromises were of Microsoft accounts. The hackers have gained access to several private and public organisations through Trojanised updates to Solarwinds Orion Network monitoring software.

The hackers have hidden a malicious code in the software update for Orion. The hacking had begun in March 2020!

What is Orion platform of solarwinds?

Solarwinds is a security vendor that helps several federal governments to monitor the health of their IT network. Orion is a software tool of the solarwinds. The solarwinds Orion helps to locate, troubleshoot and fix network performance issues. The Orion basically is used to make IT management simpler with a single panel to administer various parts of the network.

The solarwinds a Texas based company with more than 300 thousand customers. This includes the Pentagon, National Security Agency, White House, US military. Therefore, it is considered to be the biggest hack in the history of America.

Cybersecurity Act, 2015

This is the fifth emergency directive issued by the CISA under the Cybersecurity act of 2015.

The act has two main components. First Act authorises companies to implement defensive measures on their own Information Systems. This particular emergency directive has been issued based on this component. The second component of the act provides certain protections to encourage companies to share information about cyber threat indicators and defensive measures.


Leave a Reply

Your email address will not be published. Required fields are marked *