A Russian government hacking unit known as UNC2452 accessed and compromised SolarWinds’ Orion software.
The hackers were able to move laterally into SolarWinds’ customers’ networks to launch more malware at those customers, including government and big tech.
Tech service providers, such as Microsoft Azure, are now experiencing attacks through SolarWinds exploits.
What does this mean to you?
The tech supply chain is compromised by well-funded state actors.
If you are a SolarWinds customer, follow SolarWinds’ guidance for protecting your systems.
You must include high-tech supply-chain (cloud) providers in your third-party risk management (TPRM) program. Develop alternative stand-by plans for when a critical supply-chain provider is reported as compromised (such as on-site AD).