Cybersecurity, Privacy, & AI

Trending Now
Agriculture Department Kicks Off $300M Palantir Deal on IT, National Security Work • Vercel Attack Fallout Expands to More Customers and Third-Party Systems • Seeing the Cyber in Economic Statecraft • Responding to a Data Breach: How to Preserve the Attorney-Client Privilege • NIST Cyber Center to Launch OT ‘Visibility’ Project
Protests & Claims Newsletter Cyber & Privacy Newsletter Compliance & Enforcement Newsletter Development Newsletter Transforming Procurement Newsletter
Published on December 15, 2020 Cyber

CISA Orders Federal Agencies to Turn Off SolarWinds Products

CISA Orders Federal Agencies to Turn Off SolarWinds Products

solarseven | Shutterstock

On Sunday, the Cybersecurity and Infrastructure Security Agency ordered all civilian government agencies to “disconnect or power down” all instances of SolarWinds Orion software on their systems by noon on Monday, December 14. This directive was issued in response to an FBI/CISA investigation into breaches of the SolarWinds software at the Commerce and Treasury Departments, apparently by Russian government hackers. The software is used to monitor and optimize IT infrastructure, and is deployed by many federal agencies.

SolarWinds posted a hotfix for their Orion software to address the vulnerability, and urged customers to install it, with another to follow the next day. However, CISA has instructed government agencies to leave their instances of the software isolated or turned off until further notice. Agencies with the expertise to do so are asked to make forensic images of their systems.

More at NextGov

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–SaturdaySubscribe here.

© PubKGroup 2024