
SolarWinds Hack Resource Center

Keeping you up to date with the latest news & research on the SolarWinds supply chain attack

Everything You Need to Know About The SolarWinds Hack

The SolarWinds hack is shaping up to be the most serious supply chain attack ever encountered. The perpetrators were able to breach and insert malicious code into the SolarWinds Orion software, compromising thousands of users across the globe, including Fortune 1000 companies and major US Government agencies.

What can you do to keep your ecosystem secure and stop your third-party vendors from putting you at risk? Here’s a collection of resources to help you learn more about the SolarWinds breach, take steps to make your ecosystem more secure, and improve your third-party risk management program to minimize risk.


BitSight Insight & Analysis of SolarWinds Hack

The latest original BitSight research on the SolarWinds supply chain attack.


Remediate & Strategize

Build a proactive and risk-based strategy to secure your third-party supply chain and your entire ecosystem.

SolarWinds News Updates

SolarWinds news updates from trusted sources.

SolarWinds Hack Timeline

December 8, 2020

FireEye announced that it was hacked by a nation-state actor and that its internal security research and exploit testing tools were stolen.

December 13, 2020

FireEye released a blog post that provided further details indicating the company was breached through a highly evasive supply chain attack on SolarWinds.

The Cybersecurity and Infrastructure Security Agency (CISA) issues Emergency Directive 21-01 and asks all agencies operating SolarWinds products to report by 12pm EST on Monday, December 14, 2020.

SolarWinds released a security advisory (this page has been changing without date marks) and said it plans to release an Orion update on Tuesday that will contain code to remove any traces of the malware from customer systems.

December 14, 2020

SolarWinds said in an SEC filing that, of its 300,000 total customers, only 33,000 were using Orion, a software platform for IT inventory management and monitoring, and that fewer than 18,000 are believed to have installed the malware-laced update. SolarWinds also announced that it learned from Microsoft about a compromise of its Office 365 email and office productivity accounts.

December 16, 2020

BitSight releases a blog post about SolarWinds Orion prevalence and confirms that it is most frequently seen within the Government and Technology sector and mainly deployed in the USA.

Joint statement by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI).

December 18, 2020

BitSight shows in a blog post the initial reaction and removal of SolarWinds Orion instances seen on the Internet in the first week. While 70% of servers with trojanized versions were remediated or removed from Internet access, only 8% of instances were removed from public access.

SolarWinds stock ($SWI) fell 40% in the first week.

December 21, 2020

The Microsoft Security Response team creates a Resource Center for “Solorigate” (Microsoft's codename), with continuous updates about the ongoing investigations.

December 23, 2020

BitSight adds information to the Security Ratings Platform product about live, connected SolarWinds Orion servers observed on the Internet, including trojanized versions.

BitSight creates a "SolarWinds Attack Resource Center" for customers.

December 26, 2020

A new CVE is assigned to a different SolarWinds Orion API vulnerability. This vulnerability allows unauthenticated remote command execution and is being exploited to install malicious web shells on the attacked Orion servers.

The vulnerability receives the codename “SUPERNOVA”.

December 28, 2020

BitSight adds to the Security Ratings Platform product potential and under-investigation Security Incidents for organizations whose names are linked to contacts with the attacker’s C2 infrastructure, based on decoding a domain generation algorithm (DGA).

December 31, 2020

Microsoft says that no customer or PII data was compromised, but the compromised internal account had access to several source code repositories for Microsoft’s products.

January 6, 2021

CISA releases an update to its alert with new findings about the APT compromise of government agencies, critical infrastructure, and private sector organizations.

January 7, 2021

Sealed U.S. Court Records Exposed in SolarWinds Breach. A report from the KrebsOnSecurity blog explains a statement from the U.S. Courts.

January 11, 2021

CrowdStrike releases a technical analysis of “SUNSPOT”, malware that was deployed into the build environment to inject the backdoor into the SolarWinds Orion platform.

Kaspersky Labs sees algorithmic similarities between “SUNBURST” and another malware family called Kazuar, and suggests attribution to the Turla Group.

January 12, 2021

BitSight-Kovrr analysis of SolarWinds estimates the initial and insured losses from the SolarWinds attack to be $90,000,000.


Put BitSight’s data-driven insight to work for you.

BitSight can immediately grant you visibility into which of your vendors use SolarWinds as a technology platform. We provide unparalleled visibility into risk within your organization and third party supply chain to help our customers identify, prioritize and address their exposure.
