CISA Warns of New Cyber Threat Impacting SolarWinds’ Orion IT Network Visualization Tool

CISA Warns of New Cyber Threat Impacting SolarWinds’ Orion IT Network Visualization Tool

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory on a new advanced persistent threat (APT) that targeted the supply chain involving SolarWinds’ Orion information technology management platform and impacted public and private infrastructure.

The APT actor installed malicious code into Orion software updates that enabled access to customers’ network environments. Such breaches allow the threat actor to evade detection, create accounts and obtain classified information, CISA said in the advisory.

While the threat actor “only targeted some organizations with further network exploitation”, CISA recommends that organizations address system vulnerabilities and share threat information to support the Department of Homeland Security (DHS) component's response efforts.

According to CISA, organizations must allocate sufficient resources, encourage third-party support and consider rebuilding network assets that utilize Orion.

CISA is additionally investigating other APT incidents that breach Security Assertion Markup Language authentication procedures, the agency noted.

You may also be interested in...

Gateway Life Support

NASA, Japan Sign Agreement for Gateway Life Support Capabilities

The Japanese government has inked an agreement with NASA to provide capabilities to sustain the habitation module of the agency's Gateway orbital outpost as part of the Artemis program. Gateway is designed to support scientific research efforts and function as a rendezvous point for astronauts that will fly to the Moon via the Space Launch System and the Orion spacecraft.