

The SolarWinds Hack and Your Supply Chain

Jan 12, 2021

Resilinc Editorial Team

Cyber, Proactive risk mitigation

For corporate IT and cybersecurity professionals, the 2020 holiday season was filled with stress and long days as teams scrambled to assess whether their networks were penetrated by the widespread and stealthy hack known as Sunburst. Even more unsettling: for at least nine months before it was detected in early December, the malware had been spreading through the networks of as many as 18,000 users of SolarWinds’ Orion network management software.

In a recent webinar, Resilinc’s co-founder and CTO Sumit Vakil warned that supply chain managers should also be proactively investigating how Sunburst may have affected their suppliers—and what mitigations those potentially affected suppliers are undertaking. “Right now, your IT organization is in fire drill mode. This is a massive crisis the likes of which they’ve never seen before,” said Vakil. “Chances are they’re not going to have time to think about how your suppliers or vendors may have been impacted.”

“Even if your own organization is secure, all the emails and documents that you’ve shared with suppliers, including those with sensitive IP such as instructions, build plans, and other trade secrets could become available to the hackers,” said Vakil. “Even if your communications go through a secure FTP server, chances are your supplier downloads them and puts them on Microsoft SharePoint, which can be accessed by Sunburst.”

Vakil added that this risk extends to more than suppliers of services, parts, and materials. “Vendors who manage employee data or even your accounting firms could be impacted by this.”

Considered an “advanced persistent threat” (APT) likely originating from Russian-sponsored cyberwarfare actors, Sunburst “takes over whatever server it’s installed on and steals administrative level permissions from Microsoft Active Directory,” explained Vakil. “Then it can access the emails of high-level executives, IT staff, and others and exploit that access to work its way deeper into the network.”

Sunburst’s existence was revealed December 1 by the security firm FireEye, which announced that hackers had stolen some of the firm’s “red team” tools—software used by teams of experts who act like hackers, trying to attack networks in search of vulnerabilities. Over the ensuing weeks, the extraordinary extent of Sunburst’s penetration was revealed as companies from Microsoft to Deloitte announced their networks had been hacked.

For security reasons, most companies that have been hacked will not reveal it publicly, and the full extent of the penetration may never be known. According to Vakil, only a few attacks have been discovered, but there’s a good chance that many latent, hidden attacks are yet to be discovered. What’s more, experts don’t fully understand the scope of the problems that Sunburst could have introduced into a network.

Still, there are mitigation measures available, including those recommended by CISA, the Cybersecurity and Infrastructure Security Agency, and Microsoft.

For supply chain practitioners and teams, Vakil recommends contacting suppliers and vendors – starting with their most critical ones – to inquire whether they run SolarWinds’ Orion software and—if yes—what mitigations they’ve implemented (Resilinc customers can access a Sunburst supplier risk assessment survey through their account).

“It is not easy to figure out if a network has been compromised, so it’s a good idea to focus on whether your suppliers have implemented the mitigations recommended by CISA and Microsoft,” said Vakil. “As more suppliers start implementing these recommendations, some of the known issues will be addressed and we can have some level of confidence that supplier companies are doing something to address the hack. And if they are one of the approximately 18,000 companies that could be impacted, they’re putting in mitigations so the known attacks can no longer leak data.”

While this is a good starting point, companies need to remain vigilant on an ongoing basis: security experts agree that the scope of this attack could be far broader than what has been identified so far.

According to Vakil: “Supply chain teams will need to ensure that their suppliers are constantly monitoring their active directories to watch for fake accounts, elevated permissions, and other indications of a hack. You’ll need to make sure you and your suppliers are on top of the latest findings about Sunburst and implementing the most up-to-date recommended mitigations. This is the only way to make sure your suppliers are doing everything they can to protect your IP and your sensitive data.”

***

For more details on the Sunburst hack and risk management best practices, please listen to our recent webinar: SUNBURST: SolarWinds Orion Cybersecurity Attack Update.

For more information on Resilinc’s supplier assessment services – which include risk assessments for cybersecurity – please contact us.
