Written by: Merlin International
Software provider SolarWinds suffered a massive breach, first reported on Sunday, that has global implications for both public and private organizations. SolarWinds has acknowledged that a supply chain attack trojanized the security vendor’s Orion product, which provides IT health and performance monitoring for large networks. The attack breached SolarWinds’ codebase and attached malicious code to Orion’s upgrade patch as early as last March. This allowed the attackers to create a backdoor to spy on and steal data from government, critical infrastructure, and other major verticals for months.
SolarWinds has more than 300,000 customers worldwide, including most Fortune 500 companies, all five branches of the U.S. military, and several agencies, including the highest levels of the federal government. According to the company, fewer than 18,000 of its customers have installed the malware-laced Orion update. Thus far, the Department of Commerce and the U.S. Treasury are known victims of the breach, but more agencies and commercial enterprises are likely to disclose that their systems were compromised. U.S. officials suspect a Russian group known as APT29 is behind the intrusion campaign.
HOW CAN MERLIN HELP?
Business continuity is one of the top objectives for supply chains, enterprises, and government agencies. Ensuring true 360-degree business continuity means monitoring three main pillars:
In addition to comprehensively monitoring them, it’s critically important to be able to correlate among the pillars and translate the outcomes to business impact. This pivotal ability to prioritize actions shortens mean time to detect (MTTD) and mean time to respond (MTTR), whether there’s a glitch, a bug, or a breach.