Recently, SolarWinds has just confirmed in a security advisory that it experienced a manual supply chain attack on versions of Orion released between March and June in 2020.  This sophisticated intrusion campaign, with use of supply chain attack, against public and private organization around the world was discovered, and this kind of attack is one of the most sophisticated types of hacks in existence.  While many hacks rely on convincing a target to download malicious software, a supply chain attack involves inserting malicious code in legitimate software before it is distributed to customers, hence attacking the software supply chain.  It creates a huge impact to the organization as this can be covered at global scale, covering multiple entities worldwide, and victims can be acrossed various industries.

 

As a trust-worthy security advisor, Check Point recommends all users to do the following steps for checking and ensure you secure your everything.

1. Reset passwords of local SolarWinds users and follow all updates released from SolarWinds as the first step
2. Make sure you have updated your software patch with the latest version, click here to learn more on our response to SolarWinds supply chain attack
3. If you want to check on the security level of your organization, contact Check Point’s Incident Response (IR) Team and conduct a “Compromise Assessment Service”

For any inquiry, please contact us at
janetc@checkpoint.com / [email protected]  or your Account Manager.