Emergency Directive 21-01: Mitigate SolarWinds Orion Code Compromise, December 13, 2020   [open html - 0B]

From the Background: "SolarWinds Orion products (affected versions are 2019.4 through 2020.2.1 HF1) are currently being exploited by malicious actors. This tactic permits an attacker to gain access to network traffic management systems. Disconnecting affected devices, as described below in Required Action 2, is the only known mitigation measure currently available. CISA [Cybersecurity and Infrastructure Security Agency] has determined that this exploitation of SolarWinds products poses an unacceptable risk to Federal Civilian Executive Branch agencies and requires emergency action. This determination is based on: [1] Current exploitation of affected products and their widespread use to monitor traffic on major federal network systems; [2] High potential for a compromise of agency information systems; [3] Grave impact of a successful compromise. CISA understands that the vendor is working to provide updated software patches. However, agencies must wait until CISA provides further guidance before using any forthcoming patches to reinstall the SolarWinds Orion software in their enterprise."

Report Number:
Cybersecurity and Infrastructure Security Agency Emergency Directive 21-01; CISA ED 21-01
Public Domain
Retrieved From:
DHS Cybersecurity Directives: https://cyber.dhs.gov/
Media Type:
Help with citations