https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
    • MSP 501 Information Center
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
    • MSP 501 Information Center
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Security


Shutterstock

threat actor

SolarWinds CEO Claims Fewer Customers Impacted by Massive Hack

  • Written by Edward Gately
  • May 10, 2021
But the malicious hackers were well prepared, casing the place before they attacked.

The number of SolarWinds customers targeted and impacted by last year’s massive hack is far less than previously reported.

That’s according to Sudhakar Ramakrishna, SolarWinds’ president and CEO. In a blog, he said his company is close to completing its investigation of the hack.

Early on, SolarWinds reported up to 18,000 customers could have been vulnerable to Sunburst. That’s the malicious code used by the cyberattackers. It now says fewer than 100 SolarWinds customers were hacked through Sunburst.

SolarWinds' Sudhakar Ramakrishna

SolarWinds’ Sudhakar Ramakrishna

“Based on our investigations and conversations with our customers, we believe the number of customers targeted and impacted by the Sunburst malicious code is significantly fewer than the number of potentially vulnerable customers,” Ramakrishna said. “This information is consistent with estimates provided by U.S. government entities and other researchers, and consistent with the presumption the attack was highly targeted.”

New Findings

During its investigation, SolarWinds also discovered the following:

  • The threat actor did not modify its source code repository.
  • The threat actor did a test run of its ability to inject code into Orion software in October 2019. That was months before initiating the actual Sunburst injection into Orion released between March and June 2020.
  • SolarWinds has not identified Sunburst in any of its more than 70 non-Orion platform products and tools, including those of its N-able business.

“While we don’t know precisely when or how the threat actor first gained access to our environment, our investigations have uncovered evidence that the threat actor compromised credentials, and conducted research and surveillance in furtherance of its objectives through persistent access to our software development environment and internal systems, including our Microsoft Office 365 environment, for at least nine months prior to initiating the test run in October 2019,” Ramakrishna said. “Based on our learnings, while unfortunate, it’s not uncommon for threat actors to be in target environments for several months to years. This further reinforces the need for transparency and collaboration, so we can all benefit from one another’s shared experiences and knowledge.”

SolarWinds said the three most likely candidates for initial entry include zero-day vulnerability in a third-party application or device; brute-force, such as a password spray attack; or social engineering, such as a targeted phishing attack.

Information Exfiltration

SolarWinds also believes the malicious hacker took certain information as part of its research and surveillance. This evidence includes the following:

  • The threat actor created and moved files containing source code for both Orion and non-Orion products; however, SolarWinds can’t determine the actual contents of those files.
  • The black hat also created and moved additional files. That includes a file that may have contained data supporting its customer portal application. The information included in SolarWinds’ customer portal databases does not contain highly sensitive personal information; however, it does contain other information such as customer name, email addresses, billing addresses, encrypted portal login credentials and more.
  • The attacker accessed email accounts of certain personnel. Some contained information related to current or former employees and customers.

“Armed with what we’ve learned about this attack, we’re focused on becoming an industry leader in protecting our software development from cyber intrusions,” Ramakrishna said. “We’re working with industry experts to implement enhanced security practices designed to further strengthen and protect our products and environment against these and other types of attacks in the future.”

Tags: MSPs Best Practices RMM/PSA Security Strategy

Most Recent


  • European continent at night
    Infinigate Buying Nuvias for ‘Pan-European Cybersecurity Powerhouse’
    The deal will establish a footprint across 21 countries and 1.4 billion Euro in revenue.
  • DartPoints' Jackie Steinberg
    Channel People on the Move: AT&T, HPE, Google Cloud, Comcast, More
    Plus, moves at TBI, Trend Micro, Microsoft, Sandler Partners, Nitel and more.
  • Cloud computing news
    Missed June’s Cloud News? AWS, VMware, HPE, Google Cloud Made Headlines
    In case you’ve been busy (or on much-needed summer break), we’ve collected the biggest news for cloud partners.
  • Cloud computing
    Public Cloud Momentum Pacing Past Forecasts, With AWS, Azure in Lead
    We assess the soaring numbers with the help of Gartner, IDC and Synergy Research.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Businessman Finger Wag
    Don't Be the Next SolarWinds — Eliminate Weak Passwords Now
  • SMB cybersecurity
    Top MSPs on Avoiding the Next SolarWinds Hack, Best Preparing Security Clients
  • Money bag
    What Hack? Top SolarWinds Executives Made $65 Million Last Year
  • Opportunity Knocks
    SolarWinds MSP President: Rebrand Will 'N-Able' Partner Opportunity

Upcoming Events

View all

MSP Summit

September 13, 2022 - September 16, 2022

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Galleries

View all

Channel People on the Move: AT&T, HPE, Google Cloud, Comcast, More

July 5, 2022

Missed June’s Cloud News? AWS, VMware, HPE, Google Cloud Made Headlines

July 5, 2022

Public Cloud Momentum Pacing Past Forecasts, With AWS, Azure in Lead

July 4, 2022

Industry Perspectives

View all

How to Make Embracing Change Part of Your Company Culture

July 1, 2022

How to Differentiate to Leverage 5G’s Revenue Opportunity

June 28, 2022

Why MSPs are Attractive Cyberattack Targets

June 24, 2022

Webinars

View all

VEP Platform for Delivery of uCPE, SD-WAN and SASE

June 29, 2022

The Digital Worker: How to Empower Customers with a Flexible, Scalable VDI Solution to Enable Remote Work

June 30, 2022

Growing Partner Revenue and Customer Satisfaction with Power Management Services

June 23, 2022

White Papers

View all

Work Goes Remote – (and Other Top ITOps Trends)

May 25, 2022

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

Channel Futures TV

View all

Vonage a ‘Single Communications Stack Provider’ for Partners, Customers

IBM, Partners and the $1 Trillion Hybrid Cloud Opportunity

June 26, 2022

Agents Share ‘Secrets,’ Industry Opportunity

May 11, 2022

AT&T, Microsoft, Cisco, ThreatLocker on Unlocking Partner Potential

May 6, 2022

Twitter

ChannelFutures

Distributor @Infinigate to acquire @nuviasgroup to create "pan-European #cybersecurity powerhouse."… twitter.com/i/web/status/1…

July 5, 2022
ChannelFutures

[email protected], @AWSCloud, @VMware, @Azure, @HPE, more, all made big waves in June with respective #cloud news.… twitter.com/i/web/status/1…

July 5, 2022
ChannelFutures

Happy Independence Day 🎇 to our U.S. colleagues, from the #ChannelFutures and #ChannelPartners team to yours! We ho… twitter.com/i/web/status/1…

July 4, 2022
ChannelFutures

#Publiccloud demand is going nowhere. We dive into stats. @AWSCloud @Azure @IDC @Gartner_inc @SRG_Research #cloud… twitter.com/i/web/status/1…

July 4, 2022
ChannelFutures

Partners can bring more value to #customerrelationships with the #customerexperience, says @SAPPartners4U.… twitter.com/i/web/status/1…

July 4, 2022
ChannelFutures

Channel people making waves this week include: @jpdepa3rd, @RiyaShanmugam, @sandyhogan dlvr.it/STCM6S https://t.co/oVB86ztTtP

July 1, 2022
ChannelFutures

#Cybersecurity experts say July 4th weekend ripe for #ransomware, other attacks. @blumirasec @Netenrich @Vectra_AI… twitter.com/i/web/status/1…

July 1, 2022
ChannelFutures

New @PureStorage #ITchannel leader details jump from Veritas. dlvr.it/STBsLB https://t.co/BFSmZ5ubff

July 1, 2022

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X