Shares of SolarWinds (SWI) have gotten crushed today, down by 17% as of 12:05 p.m. EST, after hackers were able to attack multiple U.S. federal agencies by compromising SolarWinds' systems. The malicious actors are believed to have ties to the Russian government.
Cybersecurity technology company FireEye, which itself was the target of a cyber attack earlier this month, said in a blog post yesterday that it had discovered a widespread intrusion campaign targeting SolarWinds' Orion platform, which provides IT monitoring and management services to enterprise and government customers. The hackers were able to attack SolarWinds' supply chain in order to insert malware into an Orion software update as early as this spring, according to FireEye.
SolarWinds confirmed additional details regarding the attack in a regulatory filing, saying that it believes it was targeted "by an outside nation state." The company warns that it has not confirmed the identity of the attacker and has retained third-party cybersecurity experts to help investigate. SolarWinds adds that it is cooperating with the FBI, U.S. intelligence agencies, and other government organizations.
The company estimates that less than 18,000 customers out of over 300,000 total customers have been impacted by the vulnerability. SolarWinds is working on a software update to address the vulnerability, which it expects to release tomorrow. Orion represented around 45% of the company's total revenue in the first three quarters of 2020. The company notes that the investigations are still ongoing and warns that it cannot currently estimate the financial, legal, or reputational impacts to the business.