Visible to the public Supply Chain CompromiseConflict Detection Enabled

Submitted by willirn1 on Tue, 10/26/2021 - 5:14pm
TitleSupply Chain Compromise
Publication TypeWeb Article
Year of Publication2021
Access DateOctober 26, 2021
PublisherCybersecurity and Infrastructure Standards Agency
Keywordsadvanced persistent threat, authentication mechanisms, C3E, Compromise, critical infrastructure, cyber, cybersecurity, private sector, software supply chain, supply chain, Threat
Abstract

CISA is tracking a significant cyber incident impacting enterprise networks across federal, state, and local governments, as well as critical infrastructure entities and other private sector organizations. An advanced persistent threat (APT) actor is responsible for compromising the SolarWinds Orion software supply chain, as well as widespread abuse of commonly used authentication mechanisms. This threat actor has the resources, patience, and expertise to gain access to and privileges over highly sensitive information if left unchecked. CISA urges organizations to prioritize measures to identify and address this threat.
URLhttps://www.cisa.gov/supply-chain-compromise
Citation Keynode-80012
Groups: