SolarWinds Orion compromise by APT29

SolarWinds NPM is popular among both central and state government departments in India. E.g. ISRO floated a tender for a few SW NPM modules ~2 weeks back.

This is probably the hack of this generation. We should keep our fingers crossed.

From SolarWinds’ 8-K filing:

On December 13, 2020, SolarWinds delivered a communication to approximately 33,000 Orion product customers that were active maintenance customers during and after the Relevant Period. SolarWinds currently believes the actual number of customers that may have had an installation of the Orion products that contained this vulnerability to be fewer than 18,000.

The odds are high enough that a few top gov and private Indian orgs are among those 18K clients who installed the vulnerable version. E.g. ISRO had opened a tender for SW “modules” about a couple of weeks back!

We really need to understand how serious a national security threat this poses.