UPDATE: Jan 29, 2020, impact beyond SWI, MSFT
COVID-19 hits Solarwinds (SWI) and it’s customers
Solarwinds (SWI), a provider of software for datacenter and analysis solutions was hit with COVID-19. The infection appears to impacted the company, earlier in 2020, from the inside, and proliferating to customers via downloadable software updates. It’s my opinion this is an insider job, or aided by poor processes and policies, that allowed the infection. As part of a larger super-spreader event, willing customers became infected, as they download and update their systems. And, of course… no one was wearing a mask. Yes, I am making a satyrical parallel to this cyber security event and COVID-19.
Think about what is at stake, eCommerce Systems, Banking Systems, Medical Systems, Industrial systems, Government Systems… as examples. All connected via networks that need to communicate metric data. The criminals in this case embedded their code within a software update.
Generally, I feel Solarwinds is a good company that didn’t have a good defense setup in their own eco-system. This incident will leave SWI tarnished.
As we measure the fallout, it’s interesting to note security company, FireEye got infected with this demon software.
Can SWI recover? The market will speak over time.
My recommendation is to cut SWI loose and make a proactive change NOW…
1/4/2020 update:
Further linkage of this event impacting Microsoft, MSFT, link here.
1/29/2021 update:
Suspected Russian Hack Extends Far Beyond SolarWinds Software, Investigators Say, link here.
Want to learn more ? Please book time with me, directly, or via these advisory networks:
AlphaSights, GLG, Taconic