December 6, 2022

Volume XII, Number 340


December 05, 2022


Five Things to Do in Response to SolarWinds Compromise

The recent hack against FireEye and the U.S. Treasury and Commerce Departments affected SolarWinds software for more than 18,000 software users, mostly private company clients in addition to the famously affected government entities. SolarWinds has confirmed that a cyberattack on its systems inserted a vulnerability into the SolarWinds® Orion® Platform software builds for versions 2019.4 HF 5, 2020.2 with no hotfix, and 2020.2 HF 1 (see the SolarWinds Advisory if unsure which version you use). If your organization uses these products, prompt action may be needed to identify and mitigate potential security implications. The malware allows the (likely Russian) hackers to open a back door into companies using the Orion Platform. Some targets were attacked and mined for data right away, while others so far carry only the vulnerability, as yet unexploited.

Thousands of SolarWinds customers have already received notice directly from SolarWinds that their products were not affected by the incident and no action is required. Otherwise, the following mitigation steps are recommended:

  1. Disconnect from the internet all Orion products running versions 2019.4 HF 5, 2020.2 with no hotfix, or 2020.2 HF 1, and update your versions as noted in the SolarWinds security advisory

  2. Identify and block all traffic to and from external sources where Orion software is installed

  3. Remove exemptions for Orion software file directories in your organization’s antivirus software and scan your systems

  4. Identify threat-actor controlled accounts and remove those accounts

  5. Continue monitoring systems for other suspicious activity and read updated advisories as more information about the attacks is discovered and released

SolarWinds and FireEye have also provided the following advisories that can help your organization determine what damage or data exposure, if any, was inflicted by the hackers and what else to do to protect your systems and data:

Copyright © 2022 Womble Bond Dickinson (US) LLP All Rights Reserved. National Law Review, Volume X, Number 359

About this Author

Taylor Ey, Intellectual property attorney, Womble Carlyle, Law Firm

Taylor is an associate in the Intellectual Property Practice Group in Womble Carlyle’s Research Triangle Park Office.


J.D. | 2016 | Wake Forest University School of Law | cum laude | Notes and Comments Editor, Wake Forest Law Review, 2015-2016 | Teaching Assistant, Legal Analysis, Writing and Research I & II, Writing for Judicial Chambers

M.S. | 2012 | The Ohio State University | Biomedical Engineering

B.S. | 2011 | The Ohio State University | Biomedical Engineering | Minor, Life Sciences | cum laude