Security Advisory: How the SolarWinds breach affects you

News broke to the public on Sunday, December 13th, that the SolarWinds Orion network monitoring platform had been hacked.

Given the scope and scale of the SolarWinds security breach, VPLS is providing this security advisory to its customers with a brief overview of the breach, how it may impact you, and what steps you may or may not need to take to protect yourself from this security event.

It’s important to note that VPLS and its subsidiaries do not use SolarWinds Orion software in any capacity today. This means that VPLS and its systems were not vulnerable to this SolarWinds breach.

What is the SolarWinds hack?

In this sophisticated attack, SolarWinds Orion software updates had been trojanized to deliver malware, now called SUNBURST, into servers hosting the SolarWinds Orion software. Using this compromised server, the attacker is then able to move laterally in the network to compromise other assets and perform data theft.

What should you do next?

If you use SolarWinds Orion software, you will want to take immediate action to determine the extent of your vulnerability and quickly determine whether there was any unauthorized data access or installation of unauthorized software.

If you don’t use SolarWinds software, you may still want to take action to understand to what extent your vendors and partners use SolarWinds.

As part of your incident response plan, a comprehensive investigation should be performed and, if attacker activity is discovered in your environment, remediation steps should be taken based on the investigation findings.

Additional mitigation recommendations are available in this guide, written by VPLS’s security expert, John Headley.

Feeling overwhelmed?

This is a global-scale hack with potentially dire consequences for your organization and its or its customers’ data. If your organization does run SolarWinds but does not have the time or expertise to perform any of the suggested steps above, please contact VPLS. We offer free consultation on how our team of certified security experts can become an extension of your IT staff and drive these necessary incident response procedures.

This security advisory was originally published on December 21, 2020.

Scroll to Top