Solargate: A Global Trojan Horse in the Supply Train

Good summary and perspective by Doug. First a bit of context and techno translation. The Orion Platform is SolarWinds’ primary systems management bundle for on-premise and hybrid environments. SolarWinds’ products cover the breadth of IT management. That means the hacked version of Orion gave the hackers potential access to servers, applications, databases, storage and more. I have struggled to keep up with the new development pace from MSFT, Relativity, Google, Veritas and most tech market leaders. We all got used to annual or bi-annual major release cycles. Now I see major feature release and hot fix notices daily. IT admins used to own their data systems and apply upgrades/patches in their test environment prior to production upgrades. These were major projects that involved months of preparation. As big enterprise has migrated to the Cloud, IT now manages a much smaller portion of their applications, systems, security and infrastructure. At the same time, we are witnessing the rise of incredibly sophisticated attacks by organized criminal syndicates and nation states on multiple fronts. Preliminary information indicates that the malicious code was manually inserted via the SolarWinds development supply chain. This bypassed all the usual firewall and trust systems as installed corrupted hotfixes as early as spring 2020. Breach remediation is an expensive, ugly process that can impact stock prices and customer/partner/employee trust. Not being a security guru, I support clients with the aftermath. Organized, categorized smart data is easier to monitor, protect and remediate. I hope that Solargate encourages organizations of all sizes to invest in the technology and teams to categorize and manage their unstructured data.