https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Events
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookies Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • Microwave/RF
    • T&D World
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Galleries
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Events
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • WHY ATTEND
    • Exhibitor Listings
    • Floor Plan
    • Exhibiting Information
    • Registration Opens April 2019-Join Our Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookies Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Cybersecurity


News

18,000 organizations possibly compromised in massive supply-chain cyberattack

18,000 organizations possibly compromised in massive supply-chain cyberattack

  • Written by Jai Vijayan / Dark Reading
  • 17th December 2020

Nation-state attackers used poisoned SolarWinds network management software updates to distribute malware; US government orders federal civilian agencies to immediately power down the technology.

In what may well turn out to be one of the most significant supply-chain attacks in recent years, a likely nation-state backed group compromised systems at SolarWinds and inserted malware into updates of the company’s widely used Orion network management products that were released between March and June 2020.

In total, about 33,000 of SolarWinds’ 300,000 customers — which include numerous government agencies, 499 of the Fortune 500 companies, and over 22,000 managed service providers — could have potentially received the compromised software updates. Some 18,000 organizations worldwide may have actually installed the poisoned software on their systems, SolarWinds said in a SEC filing Monday.

The filing suggested that attackers might have initially broken into SolarWinds’ systems by compromising the company’s emails and using that to access other data in its Microsoft Office 365 environment.

Victims of the massive breach are believed to include the US Treasury Department, the National Telecommunications and Infrastructure Administration, and security vendor FireEye, which last week disclosed a breach involving the theft of the company’s red team tools.

In a measure of the widespread concern the breach has stoked, the US Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive Sunday urging all federal civilian agencies using SolarWinds’ Orion products to immediately power down or disconnect the technology. The Emergency Directive, only the fifth since 2015, described the SolarWinds compromise as posing an unacceptable risk to the security of federal networks. It ordered all federal civilian agencies to provide a report to CISA no later than 12:00 p.m. Eastern Standard Time Monday showing that they had shut down the SolarWinds Orion technology on their networks.

To read the complete article, visit Dark Reading.

 

Tags: Analytics Applications Companies Critical Infrastructure Cybersecurity Enterprise Federal Government/Military Funding Incident Command/Situational Awareness Internet of Things News NIST/PSCR NTIA/FirstNet Policy Public Safety Regional Coordination Security Software State & Local Government Subscriber Devices System Design System Installation System Operation Test & Measurement Tracking, Monitoring & Control Wireless Networks News

Related


  • Public Safety Technology Alliance (PSTA) to shut down
    After three years of existence, the non-profit Public Safety Technology Alliance (PSTA) will cease operations within 45 days as officials say they believe that the organization achieved its primary goal to promote public safety’s use of open-standard technologies. “PSTA achieved its mission,” PSTA board member Jeff Johnson said during an interview with IWCE’s Urgent Communications. […]
  • Klobuchar pledges support for NG911 funding, does not address specifics of proposal
    Sen. Amy Klobuchar (D-Minn.)—a co-chair of the Congressional Next-Gen 911 Caucus—vowed to sponsor legislation once again that calls for at least $12 billion in federal funding to upgrade public-safety answering points (PSAPs) to next-generation-911 (NG911) technology, but she did not release any details of her proposal. Two years ago, Klobuchar sponsored  the “Next Generation 911 […]
  • Ubiquiti's latest hack highlights troubled security path for operators
    In January, equipment vendor Ubiquiti told customers to reset their passwords due to a security breach involving a third-party cloud provider. The announcement appeared to be a relatively routine security warning. Such alerts among equipment vendors have become increasingly common as the noise around cybersecurity continues to rise. However, the situation took on added weight when security researcher […]
  • Dependency problems increase for open-source components
    The average software application depends on more than 500 open source libraries and components, up 77% from 298 dependencies in two years, highlighting the difficulty of tracking the vulnerabilities in every software component, according to a new report from software management firm Synopsys. In its “Open Source Security and Risk Analysis” (OSSRA) report, the company […]

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • Satellites poised to join 5G network topology
  • Global dwell time drops as ransomware attacks accelerate
  • IoT enterprise deployments continue apace, despite COVID-19
  • New T-Band rules impact LMR licensing activity

Commentary


Unlocking the power of ESInets: Different NG911 provisioning approaches exist; level of control is key differentiator

7th April 2021

Ransomware? Let’s call it what it really is: extortionware

21st February 2021

Redefining communications for today’s mobile workforces

18th February 2021
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


UrgentComm

Clearing a path to multicloud as the new foundation for digital government dlvr.it/Ry0blK

19th April 2021
UrgentComm

📣 Registration is Officially Open for #IWCE2021! 📣 It's been more than two years, but IWCE is finally headed back t… twitter.com/i/web/status/1…

19th April 2021
UrgentComm

Public Safety Technology Alliance (PSTA) to shut down dlvr.it/RxpbTh

16th April 2021
UrgentComm

Klobuchar pledges support for NG911 funding, does not address specifics of proposal dlvr.it/Rxp4Wp

16th April 2021
UrgentComm

Want to stay up-to-date on the latest #criticalcommunications and #publicsafety trends? Sign up for IWCE's Urgent C… twitter.com/i/web/status/1…

15th April 2021
UrgentComm

Ubiquiti’s latest hack highlights troubled security path for operators dlvr.it/RxkzLj

15th April 2021
UrgentComm

Dependency problems increase for open-source components dlvr.it/RxkffD

15th April 2021
UrgentComm

How smart environments will take shape post-COVID-19 dlvr.it/RxkVPH

15th April 2021

Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • Microwave/RF
  • T&D World
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X