Action Steps Surrounding SolarWinds Orion Compromise

Updated: Apr 20, 2021

The Department of Homeland Security recently published an alert regarding SolarWinds Orion products, which have been exploited by malicious actors. 'This tactic permits an attacker to gain access to network traffic management systems'.

Organizations can proactively determine whether they are at greater risk for this specific type of infection. Here’s what you should do:

1. Validate your version of SolarWinds Orion (affected versions are 2019.4 through 2020.2.1 HF1)

2. Investigate for indicators of compromise as outlined in DHS Emergency Directive 21-01

  1. [SolarWinds.Orion.Core.BusinessLayer.dll] with a file hash of [b91ce2fa41029f6955bff20079468448]

  2. [C:\WINDOWS\SysWOW64\netsetupsvc.dll]

3. If any indicators are identified, forensically image the impacted system(s) and work to understand impacts and enact your incident response plan.
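The two file checks from step 2 can be scripted for a Windows host running Orion. The script below is an added example, not part of the original post or of the DHS directive; the search roots are an assumption about where Orion is installed, and the hash is treated as MD5 because of its 32-hex-digit length.

```powershell
# Added example: triage for the two file indicators in the list above.
# Assumption: Orion is installed under one of $SearchRoots; adjust for your host.
param(
    [string[]]$SearchRoots = @($env:ProgramFiles, ${env:ProgramFiles(x86)})
)

# Values copied from the indicator list above.
$DllName    = 'SolarWinds.Orion.Core.BusinessLayer.dll'
$BadHash    = 'b91ce2fa41029f6955bff20079468448'   # 32 hex digits, treated as MD5
$DroppedDll = 'C:\WINDOWS\SysWOW64\netsetupsvc.dll'

$roots = $SearchRoots | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

# Indicator 1: hash every copy of the DLL and record its product version,
# which also supports the version check in step 1.
$results = @(foreach ($root in $roots) {
    Get-ChildItem -LiteralPath $root -Filter $DllName -File -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            $hash = (Get-FileHash -LiteralPath $_.FullName -Algorithm MD5).Hash
            [pscustomobject]@{
                Indicator = 'BusinessLayer DLL hash'
                Path      = $_.FullName
                Version   = $_.VersionInfo.ProductVersion
                Observed  = $hash
                Hit       = ($hash -eq $BadHash)   # -eq ignores case for strings
            }
        }
})

# Indicator 2: the presence of this file is itself the indicator.
$results += [pscustomobject]@{
    Indicator = 'netsetupsvc.dll present'
    Path      = $DroppedDll
    Version   = $null
    Observed  = $null
    Hit       = (Test-Path -LiteralPath $DroppedDll -PathType Leaf)
}

$results | Format-Table -AutoSize -Wrap
if ($results | Where-Object Hit) {
    Write-Warning 'Indicator found: image the system and start incident response (step 3).'
    exit 1
}
```

A run with no hits covers only the two indicators listed here; Emergency Directive 21-01 remains the reference for the rest.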


If you believe you are experiencing a security incident, call our incident response hotline immediately: (860)-785-0614.

Cymonix can evaluate your infrastructure to proactively identify, classify, and remediate security threats which may otherwise go undetected. Cymonix risk assessment will proactively identify and respond to a security incident. The risk assessment will assess your environment to determine if threats are present or at imminent risk for a security incident. 
