{"id":38729,"date":"2020-12-16T16:04:45","date_gmt":"2020-12-16T16:04:45","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31852\/Here-Are-The-Critical-Responses-Required-Of-All-Businesses-After-The-SolarWinds-Supply-Chain-Hack.html"},"modified":"2020-12-16T16:04:45","modified_gmt":"2020-12-16T16:04:45","slug":"here-are-the-critical-responses-required-of-all-businesses-after-the-solarwinds-supply-chain-hack","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/here-are-the-critical-responses-required-of-all-businesses-after-the-solarwinds-supply-chain-hack\/","title":{"rendered":"Here Are The Critical Responses Required Of All Businesses After The SolarWinds Supply-Chain Hack"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.scmagazine.com\/wp-content\/uploads\/sites\/2\/2020\/12\/SolarWinds2018IPO-e1608076857282.png\" class=\"ff-og-image-inserted\"><\/div>\n<div class=\"wysiwyg\">\n<p>The U.S. Department of Homeland Security, Treasury Department and FireEye are among the most prominent victims affected by the <a href=\"https:\/\/www.scmagazine.com\/home\/security-news\/apts-cyberespionage\/disconnect-or-power-down-after-high-profile-hacks-cisa-demands-drastic-solarwinds-mitigation\/\" target=\"_blank\" rel=\"noreferrer noopener\">supply chain attack on SolarWinds<\/a> network monitoring software. But these data breaches are just scratching the surface of one of the most significant foreign hacking incidents in history \u2013 one that will have long-lasting repercussions.<\/p>\n<p>SolarWinds estimates that between last March and June, roughly 18,000 user organizations downloaded updates of its Orion software that Russian APT actors allegedly corrupted with Sunburst backdoor malware. That attack allowed the culprits to perform reconnaissance, elevate their privileges, move laterally and steal data. 
<\/p>\n<p>Now SolarWinds customers \u2013 over 300,000 of them, including most of the Fortune 500 \u2013 must determine whether or not they were among those impacted by the cyber espionage operation. <\/p>\n<p><strong>Near-term: Stop the bleeding<\/strong><\/p>\n<p>For starters, customers must confirm precisely what data and systems were affected, then mitigate the damage and remove all signs of persistence before they can safely use the Orion software again. In the longer term, companies will also have to take a hard look at new safeguards and internal security policies for all third-party software, especially programs that enable highly privileged visibility and access into sensitive systems.<\/p>\n<p>In light of the attack, DHS\u2019 Cybersecurity and Infrastructure Security Agency (CISA) <a href=\"https:\/\/cyber.dhs.gov\/ed\/21-01\/\" target=\"_blank\" rel=\"noreferrer noopener\">ordered federal agencies<\/a> to \u201cimmediately disconnect or power down SolarWinds Orion products, versions 2019.4 through 2020.2.1 HF1, from their network\u201d and block all connections from systems using those products. Corporations may wish to do the same to prevent any further cyber espionage activity from taking place. 
But that\u2019s just one facet of what should be a far more comprehensive response.<\/p>\n<p>\u201cI would be asking the team to stop and drop any other work, assess the software and versions in use, see if the malicious updates were applied, and then respond accordingly,\u201d said Ben Johnson, former NSA hacker, O365 security expert and CTO of SaaS security firm&nbsp;Obsidian.<\/p>\n<p>To that end, John Mancini, senior product manager&nbsp;at&nbsp;Vectra, said that a core point of the DHS\u2019 guidance for remediating the SolarWinds hack is to analyze for any listed indicators of compromise and then \u201cidentify potential behaviors in metadata that may be related to the compromise.\u201d<\/p>\n<p>Another critical part of that response will be keeping the public informed. \u201cIn the event data or critical systems were compromised, companies should be taking the unfortunate but necessary step of public disclosure and assessing not just the damage caused by SolarWinds\u2019 compromise, but also the factors within their own networks that contributed to attackers moving freely between systems and networks,\u201d said Jack Mannino, CEO at&nbsp;nVisium.<\/p>\n<p>Kelvin Coleman, executive director of the National Cyber Security Alliance, listed out several crucial steps companies must implement, including \u201cexecuting any incident response plans they have through their security teams\/SOC; determining what data has been explicitly compromised or stolen in the process; simultaneously contacting suppliers, vendors, partners, etc. 
to alert them that they\u2019ve been breached; enacting threat hunting protocols with a zero-trust philosophy in mind to figure out if there\u2019s any evidence of continued intrusion in their networks; updating passwords, encryption measures and MFA \u2018secrets\u2019 credentials, [and] preparing a public disclosure strategy, especially if public\/consumer data is determined to have been compromised.\u201d<\/p>\n<p>Naturally, as the investigation continues, more information will surface.<\/p>\n<p>\u201cFor any customer of SolarWinds Orion, it is worth digging as deep as possible to understand the implications,\u201d added Brandon Hoffman, chief information security officer at&nbsp;Netenrich. \u201cIt\u2019s not clear whether this is a flaw that SolarWinds totally understands yet. If they do, a fix needs to be issued immediately. If not, it may be worth shutting down that system until there is one.\u201d (A SolarWinds <a href=\"https:\/\/www.solarwinds.com\/securityadvisory\">advisory<\/a> does cite two hot fixes that the company recommends downloading.) <\/p>\n<p>Shutting down your system \u201cmay seem like overkill, but the risk is obvious, especially for targets considered higher priority,\u201d Hoffman continued. \u201cWe still don\u2019t know enough to determine if the attackers have been completely rooted out of the breached systems or even if the full extent of their lateral movements are known.\u201d<\/p>\n<p>This, said Johnson, is why \u201cif you are impacted \u2013 or at least have the targeted software \u2013 you are going to have to do both a broad and potentially deep sweep of your environment as these actors appear sophisticated and therefore would try to embed their persistence in your environment.\u201d<\/p>\n<p>But how long will this deep sweep take? 
Long enough to look for any signs of persistence, while also ensuring that whatever systems do not need to rely on SolarWinds are isolated from its capabilities.<\/p>\n<p>\u201cAfter months of incident response, hunting, patching, and tuning monitoring systems would it be safe to reconnect again? Going forward, the SolarWinds systems should be segmented away from other parts of the environment so that the impact of any future weaknesses is mitigated,\u201d said Johnson.<\/p>\n<p>Indeed, \u201cmany customers are skeptical of re-enabling this software in their environments until they have assurance that the malicious code was removed from public releases,\u201d added Mannino. \u201cEven if the malicious code were removed from the publicly available versions of these products and the attackers were successfully removed from the environment, it will take a wait-and-see approach for many organizations to re-enable these software packages.\u201d<\/p>\n<p><strong>Long-term: Newfound scrutiny of third-party software<\/strong><\/p>\n<p>Over the long term, certain companies or agencies are also likely to use this incident as a turning point to justify additional scrutiny of third-party software, and safeguards against its abuse.<\/p>\n<p>For instance, the SolarWinds hack will likely lead to \u201cstronger assessments of vendors and more defense in depth,\u201d said Johnson. \u201cAnything that becomes critical infrastructure and has pervasive access should be heavily monitored as not only would external adversaries be a risk, but any internal users who have access to it as well.\u201d<\/p>\n<p>As <a href=\"https:\/\/krebsonsecurity.com\">reported by Krebs on Security<\/a>, a SolarWinds support advisory noted that its Orion software may not always work right unless its file directories are exempted from antivirus scans and group policy object restrictions. For some organizations, this incident may spell the end of such exceptions. 
<\/p>\n<p>\u201cInternal security policies must take a trust but validate approach to all software that they deploy,\u201d said Mancini. \u201cMany third-party tools will trip defensive technologies, but that does not justify blanket whitelisting of these tools. An effective defensive posture must continue to keep these tools in view and to continue to monitor for new behaviors and deviations from traditional behaviors.\u201d<\/p>\n<p>Meanwhile, Joe Slowik,&nbsp;senior security researcher at DomainTools, suggested that organizations may want to consider investing in security solutions designed to&nbsp;monitor network communications for anomalous traffic flows, \u201csuch as a SolarWinds server attempting to resolve a new, unexpected domain,\u201d which might suggest your systems are receiving instructions from an attacker. \u201cThorough understanding of our own networks and visibility into network traffic flows can defeat even the most complex adversaries,\u201d Slowik explained.<\/p>\n<p>Of course, rarely do security professionals encounter APT operations quite as sophisticated as this one. 
As FireEye noted in its own <a href=\"https:\/\/www.fireeye.com\/blog\/threat-research\/2020\/12\/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html\" target=\"_blank\" rel=\"noreferrer noopener\">report<\/a> on the attack, Sunburst malware \u201cmasquerades its network traffic as the Orion Improvement Program (OIP) protocol and stores reconnaissance results within legitimate plugin configuration files, allowing it to blend in with legitimate SolarWinds activity.\u201d This is one of multiple stealth capabilities that helped the operation go undetected for so long, along with a two-week dormancy period and the use of \u201cobfuscated blocklists to identify forensic and anti-virus tools running as processes, services, and drivers.\u201d<\/p>\n<p>Indeed, Matt Ashburn, head of strategic initiatives and chief information security officer at the National Security Council, said that effective detection and mitigation of such supply chain threats \u201crequire concerted coordination among traditionally disparate teams, including procurement, logistics, compliance, and security teams.\u201d<\/p>\n<p>Ashburn said that organizations looking to reduce the risk of similar incidents in the future must work to \u201cfully understand and inventory all devices \u2014 including make, model, and supplier information, including manufacturers, resellers, and sub-suppliers\u201d and also \u201cresearch each level of the supply chain to understand supplier relationships, security practices, and analyze potential risk.\u201d<\/p>\n<p>Additionally, he recommends adopting a modern, zero-trust security architecture \u2013 perhaps one that prevents any outbound web communications \u201cexcept those known and verified to be trusted connections.\u201d<\/p>\n<p>Moreover, \u201cfurther segmentation of networks and consolidation of technologies to reduce the complexity of systems would also help defenders have a more focused approach,\u201d said 
Johnson.<\/p>\n<p>\u201cSupply chain security will be a front and center issue for many organizations as the fallout from this incident unfolds,\u201d concluded Mannino. \u201cIn addition to traditional software security testing techniques such as code reviews and penetration testing, an increasing number of organizations may be interested in understanding how software behaves through malicious code reviews. These types of tests explore the likelihood that software contains embedded malware, through malicious code commits or by compromised third-party dependencies.\u201d<\/p>\n<p>Coleman said that moving forward, organizations are going to have to hold third-party software providers more accountable for their security. \u201cAlthough this should have been status quo from the start, this incident should be a wake-up call to companies to keep security standards top of mind when vetting new third-party partners and reassessing existing ones,\u201d he said. \u201cContracts should stipulate regular network testing protocols and \u2018right to audit\u2019 clauses, incident response measures should be transparent, and third-party vendors should have a track record of adhering to compliance standards (e.g. HIPAA, ITAR, PCI-DSS) and abiding by industry frameworks (e.g. as outlined by NIST).\u201d<\/p>\n<p>\u201cAnd while there are countless more behaviors and safeguards that businesses should be taking, it\u2019s clear that this attack just opened up tons of eyes to the sort of destruction a supply chain attack can have,\u201d Coleman continued. 
\u201cChances are we\u2019ll see these sorts of measures become more commonplace as companies deal with the fallout.\u201d<\/p>\n<\/div>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/31852\/Here-Are-The-Critical-Responses-Required-Of-All-Businesses-After-The-SolarWinds-Supply-Chain-Hack.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":38730,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[9099],"class_list":["post-38729","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackergovernmentrussiadata-lossflawcyberwarbackdoor"]}