SINGAPORE NEWS & ARTICLES​

SolarWinds Security Advisory

What happened?

Recently discovered by US cybersecurity company, FireEye, SolarWinds became the victim of a very sophisticated supply chain hack leading to a likely global attack, with highly sensitive data compromised.

How the attack happened

A vulnerability (SUNBURST) was inserted within SolarWinds’s IT management software, Orion®, which could potentially allow the attacker to compromise the server which the Orion products run if present and activated. This sophisticated attack disrupted a standard process resulting in a compromised outcome to attack subsequent software users.

Current Remediation

SolarWinds are urging customers with any of the below products listed as known affected for Orion® Platform to upgrade as soon as possible to ensure your environment’s security. Upgrades are available here.

Orion Platform v2020.2

Customer with no hotfix installed or 2020.2 HF 1 to upgrade to Orion® Platform version 2020.2.1 HF 2. Hotfix installation instructions are available in the 2020.2.1 HF 2 Release Notes here.

Orion Platform v2019.4 HF 5

Customer with hotfix installed to updated to Orion Platform 2019.4 HF 6. Hotfix installation instructions are available in the 2019.4 HF 6 Release Note here.

Workaround

If you are unable to apply the Hotfix due to environmental restrictions, it is prudent to review the necessity of the below for an immediate risk assessment.

Review

Assess current network if there is a need to segregate zones

Monitor

Any lateral movements for tools related to SUNBURST that may already been weaponized

Update

Latest signatures on IPS and other security tools

Scan

Periodically scan of critical servers / endpoints

Original articles from SolarWinds

Jayden Soh,
HKBN JOS Singapore Co-owner and Head of Solutions

STAY INFORMED 
Sign up to receive the latest security news and trends from HKBN JOS.

HKBN JOS (Singapore) Pte. Ltd. 

Copyright © 2021 HKBN JOS (Singapore) Pte. Ltd. All rights reserved.