The List of Known SolarWinds Breach Victims Grows, as Do Attack Vectors

The SolarWinds breach story continues to get worse.

The list of known victims now includes US departments of Commerce, Defense, Energy, Homeland Security, State, the Treasury, and Health.

More worrisome for those responsible for cybersecurity at enterprise data centers, however, are the technology vendors that allowed the compromised SolarWinds Orion software into their environments. Those vendors, as far as we know, now include Microsoft, Intel, Cisco, Nvidia, VMware, Belkin, and the cybersecurity firm FireEye, which was first to discover the attack.

“I think that number [of compromised vendors] is going to grow,” said Greg Touhill, who served as US federal CISO under President Barack Obama and who is now president at Appgate Federal Group. “I think we’re going to find, as we untangle the knot behind this, that SolarWinds was not the only victim, and that FireEye was not the only victim in its space.”

Altogether, up to 18,000 organizations may have downloaded the trojan, according to SolarWinds. The number of organizations targeted for attacks that would follow the SolarWinds breach is unknown at this time. Microsoft said it has identified more than 40 organizations in that last category. It did not name any of them but said that 44 percent were technology companies.

Read full article at Data Center Knowledge.