SolarWinds’ Attack – Exposed Orion Platforms Are Still Out There

SolarWinds’ Attack – Exposed Orion Platforms Are Still Out There

Share:

Share on linkedin
Share on facebook
Share on twitter

The SolarWinds supply chain attack is one of the most sophisticated cyber attacks the world has witnessed in recent years.

While this incident has been known for almost 3 weeks now, as of December 30th 2020 there were still 930 exposed services running SolarWind’s Orion Platform of which 61% were still running vulnerable unpatched Software versions.

The below chart illustrates the various unpatched software versions and the corresponding number of exposed Orion platforms discovered by Reposify’s Attack Surface Management platform.

Exposed-Orion-Platforms-Discovered-by-Reposify

WHAT ARE THE RISKS?

SolarWinds’ Orion Platform includes 12 different modules which according to SolarWinds’ website deliver a “scalable infrastructure monitoring and management platform designed to simplify IT administration”.

By gaining access and control over these modules, attackers could have easily carried out various activities to enable easy access into your internal networks and/or leave backdoors that they can use at a later stage.

DID YOUR ORGANIZATION INSTALL THE COMPROMISED SOLARWINDS SOFTWARE UPDATE?

If so, there are various auditing steps which you must carry out as soon as possible to discover and remove any exposures or entry weak points that attackers might have created in your attack surface.

Special focus areas for examination should include:

  • Firewalls, Routers & Switches: Ensure configurations are meeting your policies.
  • Remote Access Services: Ensure your RDP panels are not exposed, VPN are patched and proper authentication and MFA are in place
  • Cloud Assets: ensure no assets are missing and verify that access management settings are properly configured

HOW CAN REPOSIFY HELP?

Not sure if your organization might have been affected by this attack?
Want to discover if any of your subsidiaries are using SolarWinds’ Orion platform?

Contact our cyber experts today to get a comprehensive analysis of your external attack surface to discover any unknown exposures, misconfigurations and vulnerabilities that attackers might be able to exploit.

Uncover My Exposures

IMPORTANT LINKS:

New call-to-action

Reposify is an attack surface management platform delivering autonomous 24/7 discovery of exposed assets across all environments and the supply chain. Leading enterprises worldwide use Reposify to gain unparalleled visibility of their internet-facing assets and actionable security insights for eliminating shadow IT risks in real-time

Share:

Share on linkedin
Share on facebook
Share on twitter

Ready to discover your External Attack Surface?

Read Next

3 things to know about external attack surface management

We hosted a session showcasing just how vulnerable the external attack surfaces of the majority of the financial industry really is, it wasn't good.

The Spectrum of Cyber Risk Visibility

This blog provides a deep dive into the different types of visibility provided by some of the most dominate services in the cybersecurity market

Reposify’s External Attack Surface Management Vs. Security Rating Services

This blog provides a comprehensive comparison of security rating services to External Attack Surface Management solutions.