SolarWinds Breach Response | MorphisecAdvice on the SolarWinds Breach

The Sunburst and Supernova attacks that leveraged the SolarWinds supply chain, which impacted 18,000 companies, have demonstrated that zero-trust needs to extend beyond the network and onto the endpoint. Zero-trust endpoint security means you are protected at run-time even when trusted signed applications like SolarWinds are the source of damage.

In a supply chain backdoor attack, the compromised software comes from a high reputation source with a trusted certificate, bypassing detection-based defenses. That trust of signed software is only at rest with the source supplier. Morphisec zero-trust endpoint security looks past this completely and assumes no historic or implied trust, protecting the software at runtime.

As you seek to respond to Sunburst and Supernova, we encourage you to refer to this page for Morphisec's advice on how to ensure your long-term security.

What to Do Now

Examine Cyber Hygiene

Ensuring you have taken the proper cyber hygiene steps can be vital in case of a breach. This includes checking admin privileges on all user accounts, ensuring MFA is in use, and educating your user base about possible phishing emails.

Close Backdoors & Add Active Prevention

The initial Sunburst or Supernova IOCs are only the first backdoors. You'll still need to deploy an active prevention solution in your stack -- such as Morphisec -- to block any additional backdoors that you don't yet know about.

Check With Your Vendors

Even if your organization doesn't use SolarWinds, you may still be compromised because one of your vendors does. Check with them to see if they were impacted in the breach to ensure there remains trust in your supply chain.

Deploy All Available Patches

If you're a SolarWinds customer, and haven't yet been breached, you should deploy the patches the company has released to ensure that future unknown backdoors can't be deployed in your systems.

Morphisec Protects Against SolarWinds Supply Chain Attacks

The SolarWinds breach has caught thousands of organizations off guard, including U.S. government agencies and tens of thousands of private companies.

Morphisec Guard secures organizations against backdoors leveraged by the SolarWinds supply chain. This includes the beacons that are leveraged by the damaging Sunburst and Supernova attacks.

Guard ensures that your critical systems are protected -- even if you're not the SolarWinds customer but a vendor is -- from any known or unknown backdoors that might be created as a result of the SolarWinds breach.

Learn More About Morphisec

Morphisec Guard 5.0

Morphisec Guard leverages the security controls built into Windows 10 by adding patented moving target defense technology to your endpoint security stack, preventing threats designed to bypass status quo prevention and detection tools.

Read the Datasheet

Introducing Morphisec Guard 5.0: Better Security Without Compromise

See how Morphisec Guard brings enterprise-level control and visibility to Windows native security controls such as Microsoft Defender (antivirus), BitLocker (drive encryption) and more.

Watch the Webinar

Towne Properties Replaces Legacy AV with Morphisec Guard

Towne Properties protects its infrastructure with the power of Morphisec Guard.

Watch the Video

Towne Properties Bill Salyers play image

Ready to Get Started?

Morphisec reduces your organization’s risk exposure without affecting business productivity or creating work for your security team. Let our experts show you how it works.