CISA Orders Federal Agencies to Turn Off SolarWinds Products 

The Cybersecurity and Infrastructure Security Agency ordered all government departments by noon Monday to identify and shut off instances of SolarWinds Orion software running or connected to any government system, as agencies scrambled to mitigate potential damage from a critical vulnerability in software used by a huge swath of the federal government and military.


News broke over the weekend that officials at CISA and the FBI were investigating breaches at two of the largest federal agencies—the Commerce and Treasury departments—related to a flaw in the SolarWinds Orion software. Early reports suggest hackers working for the Russian government were involved in the breaches.


The attacks targeted Orion software versions 2019.4 HF 5 through 2020.2.1—the versions released between March 2020 and June 2020.


On its site, the company issued an advisory urging clients to update to the latest version of the Orion software, 2020.2.1 HF 1, available through the customer portal. However, federal agencies are instructed not to install—or reinstall—any instances of SolarWinds Orion until cleared by CISA, per an emergency directive issued late Sunday.


In the emergency directive—only the fifth in the agency’s history—CISA officials are requiring federal agencies to identify instances of the SolarWinds software in their systems and “immediately disconnect or power down SolarWinds Orion products” by noon Monday, the alert states. The directive only applies to civilian agencies, as CISA does not have authority over the Defense Department or intelligence agencies.


The directive is not optional and instructs agencies to leave the products disconnected from agency networks ..
