The Cybersecurity and Infrastructure Security Agency (CISA) is tracking a known compromise involving SolarWinds Orion products that are currently being exploited by a malicious doer. An advanced persistent menace (APT) doer is responsible for compromising the SolarWinds Orion software furnish chain, as well as widespread abuse of commonly used authentication mechanisms. If left unchecked, this menace doer has the resources, endurance, and expertise to withstand eviction from compromised networks and last to hold affected organizations at risk, says CISA.
In response to this menace, CISA has issued CISA Insights: What Every Leader Needs to Know About the Ongoing APT Cyber Activity. This CISA Insights provides information to leaders on the known risk to organizations and actions that they can take to prioritize measures to unite and address these menaces.