CLICK HERE to view the Webinar Recording
CLICK HERE to download a copy of the Presentation Handout
Greenberg Traurig Data, Privacy & Cybersecurity team has been advising various organizations about a multitude of issues stemming from the SolarWinds attack, and hosted a brief, 25 minute webinar on Tuesday, December 22, 2020 at 12 ET /11 CT / 10 MT / 9 PT to provide an overview of the issue, recent developments, and the steps to take to determine if the SolarWinds hack impacted certain organizations.
Presenters:
• Gretchen Ramos, Global Co-Chair of the Data, Privacy & Cybersecurity Practice, Greenberg Traurig,
San Francisco
• Jena Valdetero, Co-Chair of the Data, Privacy & Cybersecurity Practice, Greenberg Traurig, Chicago
• David Zetoony, Co-Chair of the Data, Privacy & Cybersecurity Practice, Greenberg Traurig, Denver
• James Arnold, Principal Cyber Services, KPMG, St. Louis
SolarWinds/Orion Summary
SolarWinds Orion is an infrastructure and application performance monitoring application. In order to function, it has touch-points into most (if not all) systems on a network. In March 2020, a threat group hacked into SolarWinds, modified the code for the next Orion update to include a backdoor, and signed the modification with SolarWinds authentication credentials. As a result, any SolarWinds Orion customers that downloaded the update between March and December 2020 would have installed code that had a backdoor that the hackers could use to access their network.
Of the 33,000 organizations that use SolarWinds Orion, apparently 18,000 downloaded the update that contained the backdoor. SolarWinds claims to have now pushed out a hotfix (https://www.solarwinds.com/securityadvisory) that closes the backdoor. However, any company that was in the Group of 18,000 is at risk for intrusion between March and December 2020.