Cybersecurity, Privacy, & AI

Trending Now
Doxim Data Breach Settlement Underscores Third-Party Data Security Risk • SASC Proposes Reorganization of Pentagon’s IT, Cyber Leadership • Anthropic Suspends Top AI Models After U.S. Export Control Order • Senate Bill Seeks to Restore Funding for Cyber Information-Sharing Program • CISA Directive Orders Agencies to Prioritize Vulnerability Patching in a New Way
Protests & Claims Newsletter Cyber & Privacy Newsletter Compliance & Enforcement Newsletter Development Newsletter Transforming Procurement Newsletter
Published on December 15, 2020 Cyber

CISA Orders Federal Agencies to Turn Off SolarWinds Products

CISA Orders Federal Agencies to Turn Off SolarWinds Products

solarseven | Shutterstock

On Sunday, the Cybersecurity and Infrastructure Security Agency ordered all civilian government agencies to “disconnect or power down” all instances of SolarWinds Orion software on their systems by noon on Monday, December 14. This directive was issued in response to an FBI/CISA investigation into breaches of the SolarWinds software at the Commerce and Treasury Departments, apparently by Russian government hackers. The software is used to monitor and optimize IT infrastructure, and is deployed by many federal agencies.

SolarWinds posted a hotfix for their Orion software to address the vulnerability, and urged customers to install it, with another to follow the next day. However, CISA has instructed government agencies to leave their instances of the software isolated or turned off until further notice. Agencies with the expertise to do so are asked to make forensic images of their systems.

More at NextGov

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–SaturdaySubscribe here.

© PubKGroup 2024