A large-scale cyber-attack was confirmed earlier this week that includes breaches into United States federal government agencies.
On Monday, SolarWinds confirmed that Orion – its flagship network management software – had served as the unwitting conduit for a sprawling international cyberespionage operation. The hackers inserted malicious code into Orion software updates pushed out to nearly 18,000 customers.
And while the number of affected organizations is thought to be much more modest, the hackers have already parlayed their access into consequential breaches at the U.S. Treasury and Department of Commerce.
SolarWinds’ security, meanwhile, has come under new scrutiny. (source)
One interesting and important note has to do with SolarWinds’ update server, which seems to have previously used only a simple password to log in.
Security researcher Vinoth Kumar told Reuters that, last year, he alerted the company that anyone could access SolarWinds’ update server by using the password “solarwinds123”
“This could have been done by any attacker, easily,” Kumar said. (source)
And even if the password were complex, logins that use passwords alone are simply not secure enough to deter sophisticated hackers. By implementing multi-factor authentication, such as with GreenRADIUS, organizations add a robust layer of security to help keep attackers out of secure networks and sensitive data.
To protect servers, such as update servers, our GreenRADIUS solution can implement multi-factor authentication for Windows Logon (for Windows Servers 2012 R2, 2016, and 2019) and Linux servers (such as RedHat, CentOS, Ubuntu, and others).
Contact us today to learn more.