• Send Us A Tip
  • Calling all Tech Writers
  • Advertise
Saturday, July 12, 2025
  • Login
TechStory
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
TechStory
No Result
View All Result
Home Tech

Orion: SolarWinds’ cyberattack will bring reforms in security

by Smriti Sharma
December 27, 2020
in Tech
Reading Time: 2 mins read
0
Orion
TwitterWhatsappLinkedin

Orion

You might also like

Microsoft Layoffs 2025: Nadella Tells Employees to Learn AI for Performance Reviews

Cloudflare Introduces Pay-to-Crawl System to Curb Unregulated AI Scraping

Indeed and Glassdoor Lay Off 1,300 Employees as AI Reshapes the Hiring Industry

SolarWinds’ IT management platform Orion came under attack recently. Although the full harm of this burst is still not known it is noticeable that it was deep in reach, global in scope, and hit mostly the highest-values assets. For a very long period, the internal networks of agencies, the military, and the government were compromised.

Who is speculated to be behind this attack?

Officials and experts, after researching and analyzing, have concluded that it was most probably a state attack. Looking at capabilities, the highly advanced technologies, and MO it is most likely a job done by Russian agencies. This burst revealed a very good knowledge of both the fabric of modern IT infrastructure and the psychology of those who maintain and develop for it. This hack into the Sunburst system is bound to trigger another arms race between opsec researchers and hackers.

How were the systems hacked?

The attack swept into the system in the form of SolarWinds’ standard distribution update system for Orion. This trick, no matter how old, is very much powerful when used in the right way. The use of an old technique skillfully is what compelled the authorities to believe that it was a state-blown attack.

It is still unclear whether the .dll that was compromised was built on SolarWinds’ server by the company developers or whether a trojan version of the .dll was uploaded and signed by the attacking team. The customer, and in this case vital and central government agencies, is rendered useless when it comes to the product that the company is delivering. It was near to impossible for the agencies to have checked the software for malware and virus as this Orion is third-party software.

Is there a solution to avoid this kind of attack in the future?

The most trivial step would be to make arbitrarily complex internal checks before shipping the product to the customers on the company’s end. CI/CD pipelines with their deployment test suites don’t by and large retest code whenever it’s constructed, confirmed, and conveyed, and their robotization and a high volume of updates pushed live make a high data transmission channel to the client base that is difficult to screen for disruption. Proficiency turns into a weapon in the possession of a foe.

If the pipeline, in contrast to the existing one, rebuilds everything monetarily and checks the files supposed to go live with a high amount of isolation from the network framework and with an intensive process of checking the file through, the system could be made resilient to external attacks. No system is completely whatsoever but the idea is to build a sturdy framework for the system with regular, intensive, and strong checks that are strongly defended.

 

Tweet54SendShare15
Previous Post

Nikola loses another big consignment for E-vehicle

Next Post

Amazon to face its first unionization vote in years

Smriti Sharma

Recommended For You

Microsoft Layoffs 2025: Nadella Tells Employees to Learn AI for Performance Reviews

by Rounak Majumdar
July 12, 2025
0
Microsoft Layoffs 2025: Nadella Tells Employees to Learn AI for Performance Reviews

Microsoft, under the leadership of CEO Satya Nadella, has initiated one of its most significant workforce restructurings in recent years, cutting more than 15,000 jobs globally in 2025...

Read more

Cloudflare Introduces Pay-to-Crawl System to Curb Unregulated AI Scraping

by Harikrishnan A
July 12, 2025
0
Cloudflare Introduces Pay-to-Crawl System to Curb Unregulated AI Scraping

Cloudflare, a key player in internet infrastructure, is taking aim at the growing issue of artificial intelligence bots freely scraping online content. As AI models hunger for data,...

Read more

Indeed and Glassdoor Lay Off 1,300 Employees as AI Reshapes the Hiring Industry

by Harikrishnan A
July 12, 2025
0
Indeed and Glassdoor Lay Off 1,300 Employees as AI Reshapes the Hiring Industry

Job search giants Indeed and Glassdoor are laying off more than 1,300 employees as part of a company-wide restructuring. The cuts, affecting teams focused on research and development,...

Read more
Next Post
Amazon

Amazon to face its first unionization vote in years

Please login to join discussion

Techstory

Tech and Business News from around the world. Follow along for latest in the world of Tech, AI, Crypto, EVs, Business Personalities and more.
reach us at [email protected]

Advertise With Us

Reach out at - [email protected]

BROWSE BY TAG

#Crypto #howto 2024 acquisition AI amazon Apple bitcoin Business China cryptocurrency e-commerce electric vehicles Elon Musk Ethereum facebook flipkart funding Gaming Google India Instagram Investment ios iPhone IPO Market Markets Meta Microsoft News NFT samsung Social Media SpaceX startup startups tech technology Tesla TikTok trend trending twitter US

© 2024 Techstory.in

No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to

© 2024 Techstory.in

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?