'About 18,000 organizations around the world downloaded network
management tools that contained a backdoor that spies believed to be
backed by the Russian government could use to install additional
malware that stole sensitive data, the tools provider, SolarWinds,
said on Monday.
The disclosure from Austin, Texas-based software maker SolarWinds,
came a day after the US government revealed a major security breach
hitting federal agencies and private companies. The US Departments of
Treasury, Commerce, and Homeland Security departments were among the
federal agencies on the receiving end of attacks that gave access to
email and other sensitive resources. Federal agencies using the
software were instructed on Sunday to disconnect systems that run the
software and perform a forensic analysis of their networks.
Premiere security firm FireEye says it was breached by nation-state hackers
Security firm FireEye, which last week disclosed a serious breach of
its own network, said that hackers backed by a nation state
compromised a SolarWinds software update mechanism and then used it to
infect selected customers who installed a backdoored version of the
company’s Orion network management tool.
The backdoor infected customers who installed an update from March to
June of this year, SolarWinds said in a document filed on Monday with
the Securities and Exchange Commission. SolarWinds, which said
SolarWinds has about 300,000 Orion customers, put the number of
affected customers at about 18,000.'
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 577-5304