SolarWinds

Last updated

SolarWinds Corporation
Company type Public company
ISIN US83417Q1058
Industry Software
Genre Network monitoring
Founded1999;25 years ago (1999) in Tulsa, Oklahoma, U.S.
Founders
  • Donald Yonce
  • David Yonce
Headquarters,
U.S.
Key people
Sudhakar Ramakrishna (CEO) [1]
ProductsAppOptics, Loggly, Pingdom, Papertrail
RevenueIncrease2.svg US$719 million (2022)
Increase2.svgUS$−820 million (2022)
Increase2.svgUS$−929 million (2022)
Total assets Increase2.svgUS$3.20 billion (2022)
Total equity Increase2.svgUS$1.37 billion (2022)
Number of employees
2,305 (Dec 2022)
Website www.solarwinds.com
Footnotes /references
[2]

SolarWinds Corporation is an American company that develops software for businesses to help manage their networks, systems, and information technology infrastructure. It is headquartered in Austin, Texas, with sales and product development offices in a number of locations in the United States and several other countries. [3] The company was publicly traded from May 2009 until the end of 2015, and again from October 2018. It has also acquired a number of other companies, some of which it still operates under their original names, including Pingdom, Papertrail, and Loggly. [4] It had about 300,000 customers as of December 2020, including nearly all Fortune 500 companies and numerous agencies of the US federal government. [5] [6]

Contents

A SolarWinds product, Orion, used by about 33,000 public and private sector customers, was the focus of a large-scale attack disclosed in December 2020. The attack persisted undetected for months in 2020, and additional details about the breadth and depth of compromised systems continued to surface after the initial disclosure. [7] In February 2021, Microsoft President Brad Smith said that it was "the largest and most sophisticated attack the world has ever seen". [8]

History

SolarWinds began in 1999 in Tulsa, Oklahoma, co-founded by Donald Yonce (a former executive at Walmart) and his brother Dave Yonce. [9] [10] [11] [12] SolarWinds released its first products, Trace Route and Ping Sweep, earlier in March 1998 and released its first web-based network performance monitoring application in November 2001. [13] SolarWinds got its name by combining two words that evoke natural, powerful, and dynamic forces. "Solar" refers to the sun, symbolizing energy, light, and vitality, while "Winds" suggests movement, change, and momentum. Together, the name reflects the company's goal of providing efficient and powerful IT management software that brings solutions to businesses in a dynamic and impactful way. In 2006, the company moved its headquarters to Austin, Texas, [10] where about 300 of the company's total 450 employees were based as of 2011. [9] The company was profitable from its founding through its IPO in 2009. [14]

During 2007, SolarWinds raised funding from Austin Ventures, Bain Capital, and Insight Venture Partners. [15] [16] SolarWinds completed an initial public offering of US$112.5 million in May 2009, [10] closing at higher prices after its initial day of trading. [17] The IPO from SolarWinds was followed by another from OpenTable (an online restaurant-reservation service), which was perceived to break a dry spell during the Great Recession, when very few companies went public. [18] Both Bain Capital and Insight Venture Partners backed the IPO and used the opportunity to sell some of their shares during the offering. [14]

Analysts and company executives anticipated continued expansion post-IPO, including several acquisitions. [19] In 2010, Bennett retired as CEO and was replaced by the company's former chief financial officer Kevin Thompson. [10] In May 2013, SolarWinds announced plans to invest in an operations hub in Salt Lake City, Utah. It was named by Forbes as "Best Small Company in America, citing high-functioning products for low costs and impressive company growth." By 2013, SolarWinds employed about 900 people. [20]

Acquisition by private equity technology investment firms Silver Lake Partners and Thoma Bravo, LLC. was announced in late 2015, [21] [22] and by January 2016, SolarWinds was taken private in a $4.5 billion deal. At the time, the company had 1,770 employees worldwide with 510 based in Austin, and reported revenues of about half a billion dollars a year. [23]

In November 2017, SolarWinds released AppOptics which integrates much of their software portfolio, including Librato and TraceView, into a single software-as-a-service package. AppOptics included compatibility with Amazon Web Services and Microsoft Azure. [24]

In September 2018, SolarWinds filed for a public offering again, after three years of being owned by private equity firms. [25] SolarWinds completed their public offering on October 19, 2018. [26]

On December 7, 2020, CEO Kevin Thompson retired, to be replaced by Sudhakar Ramakrishna, CEO of Pulse Secure, effective January 4, 2021. [1] [27] [28]

On January 8, 2021, SolarWinds hired former CISA director Chris Krebs to help the company work through the recent cyber attack. [29]

In July 2021, SolarWinds separated its managed service provider (MSP) business from the main company. The new separately-traded public company is named N-able. [30]

Acquisitions

According to The Wall Street Journal , SolarWinds offers freely downloadable software to potential clients and then markets more advanced software to them by offering trial versions. [31] Following the funding in 2007, SolarWinds acquired several companies including Neon Software and ipMonitor Corp. and opened a European sales office in Ireland. [32]

During and after its IPO in 2009, SolarWinds acquired a number of other companies and products, including the acquisition of the New Zealand–based software maker Kiwi Enterprises, which was announced in January 2009. [33]

SolarWinds acquired several companies in 2011 and was ranked number 10 on Forbes magazine's list of fastest-growing tech companies. [34] In January 2011, it acquired Hyper9 Inc, an Austin-based virtualization management company with undisclosed terms. [35] In July, SolarWinds completed the acquisition of the Idaho-based network security company TriGeo for $35 million. [34] [36] TriGeo's offices in Post Falls were added to the list of SolarWinds location which already included satellite offices in Dallas, Salt Lake City, and Tulsa, as well as operations in Australia, the Czech Republic, India, Ireland, and Singapore. [37] In 2012 SolarWinds acquired the patch management software provider EminentWare, [38] and RhinoSoft, adding the latter company's FTP Voyager product to SolarWinds' product suite. [39]

In early 2013, SolarWinds acquired N-able Technologies, a cloud-based information technology services provider. The deal was reportedly valued $120 million in cash. [40] In late 2013, it acquired the Boulder, Colorado–based database performance management company Confio Software. With the $103 million agreement, SolarWinds gained a sales office in London and Confio's main product, Ignite. [41] Between 2014 and 2015, the company acquired the Swedish web-monitoring company Pingdom, [42] [43] the San Francisco–based metrics and monitoring company Librato (for $40 million), [44] and the log management service Papertrail (for $41 million). [45]

Between 2015 and 2020, SolarWinds acquired Librato (a monitoring company), [46] Capzure Technology (an MSP Manager software to N-able which SolarWinds had previously acquired), [47] LogicNow (a remote monitoring software company), [48] SpamExperts (an email security company), [49] Loggly (a log management and analytics company), [4] Trusted Metrics (a provider of threat monitoring and management software), [50] Samanage (a service desk and IT asset management provider), [51] VividCortex (a database performance monitor), [52] and SentryOne (a provider of database performance monitoring). [53]

2019–2020 supply chain attacks

SUNBURST

On December 13, 2020, The Washington Post reported that multiple government agencies were breached through SolarWinds's Orion software. [54] The next day, the company stated in an SEC filing that fewer than 18,000 of its 33,000 Orion customers were affected, involving certain hotfixes of versions 2019.4 through 2020.2.1, released between March 2020 and June 2020. [5] According to Microsoft, hackers acquired superuser access to SAML token-signing certificates. [55] This SAML certificate was then used to forge new tokens to allow hackers trusted and highly privileged access to networks. [56] The Cybersecurity and Infrastructure Security Agency issued Emergency Directive 21–01 in response to the incident, advising all federal civilian agencies to disable Orion. [57]

APT29, aka Cozy Bear, working for the Russian Foreign Intelligence Service (SVR), was reported to be behind the 2020 attack. [58] [59] Victims of this attack include the cybersecurity firm FireEye, the US Treasury Department, the US Department of Commerce's National Telecommunications and Information Administration, as well as the US Department of Homeland Security. [60] [61] Prominent international SolarWinds customers investigating whether they were impacted include the North Atlantic Treaty Organization (NATO), the European Parliament, UK Government Communications Headquarters, the UK Ministry of Defence, the UK National Health Service (NHS), the UK Home Office, and AstraZeneca. [62] [63] FireEye reported the hackers inserted "malicious code into legitimate software updates for the Orion software that allow an attacker remote access into the victim's environment" and that they have found "indications of compromise dating back to the spring of 2020". [64] FireEye named the malware SUNBURST. [65] [66] Microsoft called it Solorigate. [67] [66]

The attack used a backdoor in a SolarWinds library; when an update to SolarWinds occurred, the malicious attack would go unnoticed due to the trusted certificate. [68] In November 2019, a security researcher notified SolarWinds that credentials to a third party FTP server had a weak password of "solarwinds123", warning that "any hacker could upload malicious [code]" that would then be distributed to SolarWinds customers. [69] [70] [71] The New York Times reported SolarWinds did not employ a chief information security officer and that employee passwords had been posted on GitHub in 2019. [72]

On December 15, 2020, SolarWinds reported the breach to the Securities and Exchange Commission. [73] However, SolarWinds continued to distribute malware-infected updates, and did not immediately revoke the compromised digital certificate used to sign them. [69] [74] [75]

On December 16, 2020, German IT news portal Heise.de reported that SolarWinds had for some time been encouraging customers to disable anti-malware tools before installing SolarWinds products. [76] [77]

On December 17, 2020, SolarWinds said they would revoke the compromised certificates by December 21, 2020. [78]

On December 21, 2020, Attorney General William Barr stated that he believed that the SolarWinds hack appears to have been perpetrated by Russia, contradicting speculations by President Donald Trump that China, not Russia, might be to blame. [79]

In late December 2020, Trustwave, a cybersecurity firm, reached out to SolarWinds to report new security flaws they had discovered in software produced by SolarWinds. Although these vulnerabilities hadn't been taken advantage of by hackers, it raised questions concerning the network security of SolarWinds' customers. [80]

The magnitude of the monetary damage has yet to be calculated, but on January 14, 2021, CRN.com reported that the attack could cost cyber insurance firms at least $90 million. [81] [82]

On March 1, 2021, SolarWinds CEO, Sudhakar Ramakrishna, blamed a company intern for using an insecure password ("solarwinds123") on their update server. Speculation that this led to the attack is discounted by the company and security professionals. [83] [84] More than the intern using a weak password, experts noted that the main issue this fact highlights is the poor security culture the company has. [85]

In the aftermath of the incident there has been question raised within the US Government about the role Microsoft carried blame in enabling the breach. This relates to the "golden SAML" vulnerability in Microsoft's directory offerings that the company had knowledge of but did not address. Senator Ron Wyden questioned why the US Government spent so much money on Microsoft software without the company warning it of this hacking technique. [86]

SUPERNOVA

On December 19, 2020, Microsoft said that its investigations into supply chain attacks at SolarWinds had found evidence of an attempted supply chain attack distinct from the attack in which SUNBURST malware was inserted into Orion binaries (see previous section). [87] [88] This second attack has been dubbed SUPERNOVA. [87] [88]

Security researchers from Palo Alto Networks said the SUPERNOVA malware was implemented stealthily. [89] SUPERNOVA comprises a very small number of changes to the Orion source code, implementing a web shell that acts as a remote access tool. [89] [90] The shell is assembled in-memory during SUPERNOVA execution, thus minimizing its forensic footprint. [89]

Unlike SUNBURST, SUPERNOVA does not possess a digital signature. [89] This is among the reasons why it is thought to have originated with a different group than the one responsible for SUNBURST. [89] [91]

Insider trading claims

SolarWinds's share price fell 25% within days of the SUNBURST breach becoming public knowledge, [73] and 40% within a week. [92] Insiders at the company had sold approximately $280 million in stock shortly before this became publicly known, [93] which was months after the attack had started. A spokesperson said that those who sold the stock had not been aware of the breach at the time. [1] [94] [95]

Microsoft guidance on service provider and downstream business attacks

In November 2021 Microsoft issued an alert [96] in relation to the advanced persistent threat (APT) actor Nobelium (aka APT29; Cozy Bear) that was responsible for the 2020 SolarWinds supply chain attack is targeting cloud service providers (CSPs), managed service providers (MSPs), and other IT service providers. Microsoft Threat Intelligence Center (MSTIC) released a range of recommendations for service providers and downstream businesses to implement in order to address the threat. [97]

Class action lawsuit

In January 2021, a class action lawsuit was filed against SolarWinds in relation to its security failures and subsequent fall in share price. [98] [99] SolarWinds attempted to have this case dismissed; in March 2022, a judge ruled that the class action lawsuit could move forward. [100] SolarWinds settled the suit for $26 million in November 2022, and was notified by the SEC that it intended to take enforcement action. [101]

Related Research Articles

<span class="mw-page-title-main">Computer security</span> Protection of computer systems from information disclosure, theft or damage

Computer security is the protection of computer software, systems and networks from threats that can lead to unauthorized information disclosure, theft or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide.

Blackbaud, Inc. is a cloud computing provider that supports nonprofits, foundations, corporations, education institutions, healthcare organizations, religious organizations, and individual change agents. Its products focus on fundraising, website management, CRM, analytics, financial management, ticketing, and education administration.

<span class="mw-page-title-main">Ivanti</span> American IT software company

Ivanti is an IT software company headquartered in South Jordan, Utah, United States. It produces software for IT Security, IT Service Management, IT Asset Management, Unified Endpoint Management, Identity Management and supply chain management. It was formed in January 2017 with the merger of LANDESK and HEAT Software, and later acquired Cherwell Software. The company became more widely known after several major security incidents related to the VPN hardware it sells.

<span class="mw-page-title-main">CCleaner</span> Suite of utilities for cleaning disk and operating system environment

CCleaner, developed by Piriform Software, is a utility used to clean potentially unwanted files and invalid Windows Registry entries from a computer. It is one of the longest-established system cleaners, first launched in 2004. It was originally developed for Microsoft Windows only, but in 2012, a macOS version was released. An Android version was released in 2014.

A supply chain attack is a cyber-attack that seeks to damage an organization by targeting less secure elements in the supply chain. A supply chain attack can occur in any industry, from the financial sector, oil industry, to a government sector. A supply chain attack can happen in software or hardware. Cybercriminals typically tamper with the manufacturing or distribution of a product by installing malware or hardware-based spying components. Symantec's 2019 Internet Security Threat Report states that supply chain attacks increased by 78 percent in 2018.

Cyberwarfare by Russia includes denial of service attacks, hacker attacks, dissemination of disinformation and propaganda, participation of state-sponsored teams in political blogs, internet surveillance using SORM technology, persecution of cyber-dissidents and other active measures. According to investigative journalist Andrei Soldatov, some of these activities were coordinated by the Russian signals intelligence, which was part of the FSB and formerly a part of the 16th KGB department. An analysis by the Defense Intelligence Agency in 2017 outlines Russia's view of "Information Countermeasures" or IPb as "strategically decisive and critically important to control its domestic populace and influence adversary states", dividing 'Information Countermeasures' into two categories of "Informational-Technical" and "Informational-Psychological" groups. The former encompasses network operations relating to defense, attack, and exploitation and the latter to "attempts to change people's behavior or beliefs in favor of Russian governmental objectives."

Trellix is a privately held cybersecurity company that was founded in 2022. It has been involved in the detection and prevention of major cybersecurity attacks. It provides hardware, software, and services to investigate cybersecurity attacks, protect against malicious software, and analyze IT security risks.

<span class="mw-page-title-main">Malwarebytes</span> Internet security company

Malwarebytes Inc. is an American Internet security company that specializes in protecting home computers, smartphones, and companies from malware and other threats. It has offices in Santa Clara, California; Clearwater, Florida; Tallinn, Estonia; Bastia Umbra, Italy; and Cork, Ireland.

<span class="mw-page-title-main">Mimecast</span> Information technology company

Mimecast Limited is an American–British, Jersey-domiciled company specializing in cloud-based email management for Google Workspace, Microsoft Exchange and Microsoft Office 365, including security, archiving, and continuity services to protect business mail.

Imperva, Inc. is an American cyber security software and services company which provides protection to enterprise data and application software. The company is headquartered in San Mateo, California.

Trustwave is an American cybersecurity subsidiary of The Chertoff Group. It focuses on providing managed detection and response (MDR), managed security services (MSS), database security, and email security to organizations around the globe.

Mandiant, Inc. is an American cybersecurity firm and a subsidiary of Google. Mandiant received attention in February 2013 when it released a report directly implicating China in cyber espionage. In December 2013, Mandiant was acquired by FireEye for $1 billion, who eventually sold the FireEye product line, name, and its employees to Symphony Technology Group for $1.2 billion in June 2021.

Hacking Team was a Milan-based information technology company that sold offensive intrusion and surveillance capabilities to governments, law enforcement agencies and corporations. Its "Remote Control Systems" enable governments and corporations to monitor the communications of internet users, decipher their encrypted files and emails, record Skype and other Voice over IP communications, and remotely activate microphones and camera on target computers. The company has been criticized for providing these capabilities to governments with poor human rights records, though HackingTeam states that they have the ability to disable their software if it is used unethically. The Italian government has restricted their licence to do business with countries outside Europe.

Cozy Bear is a Russian advanced persistent threat hacker group believed to be associated with Russian foreign intelligence by United States intelligence agencies and those of allied countries. Dutch signals intelligence (AIVD) and American intelligence had been monitoring the group since 2014 and was able to link the hacker group to the Russian foreign intelligence agency (SVR) after compromising security cameras in their office. CrowdStrike and Estonian intelligence reported a tentative link to the Russian domestic/foreign intelligence agency (FSB). Various groups designate it CozyCar, CozyDuke, Dark Halo, The Dukes, Midnight Blizzard, NOBELIUM, Office Monkeys, StellarParticle, UNC2452 with a tentative connection to Russian hacker group YTTRIUM. Symantec reported that Cozy Bear had been compromising diplomatic organizations and national governments since at least 2010. Der Spiegel published documents in 2023 purporting to link Russian IT firm NTC Vulkan to Cozy Bear operations.

CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides endpoint security, threat intelligence, and cyberattack response services.

<span class="mw-page-title-main">Alex Stamos</span> Greek American computer scientist

Alex Stamos is an American, cybersecurity expert, the former chief security officer (CSO) at Facebook. His planned departure from the company, following disagreement with other executives about how to address the Russian government's use of its platform to spread disinformation during the 2016 U.S. presidential election, was reported in March 2018.

<span class="mw-page-title-main">Chris Krebs</span> American cybersecurity and infrastructure security expert (born 1977)

Christopher Cox Krebs is an American attorney who served as Director of the Cybersecurity and Infrastructure Security Agency in the United States Department of Homeland Security from November 2018 until November 17, 2020, when President Donald Trump fired Krebs for contradicting Trump's claims of election fraud in the 2020 presidential election.

<span class="mw-page-title-main">2020 United States federal government data breach</span> US federal government data breach

In 2020, a major cyberattack suspected to have been committed by a group backed by the Russian government penetrated thousands of organizations globally including multiple parts of the United States federal government, leading to a series of data breaches. The cyberattack and data breach were reported to be among the worst cyber-espionage incidents ever suffered by the U.S., due to the sensitivity and high profile of the targets and the long duration in which the hackers had access. Within days of its discovery, at least 200 organizations around the world had been reported to be affected by the attack, and some of these may also have suffered data breaches. Affected organizations worldwide included NATO, the U.K. government, the European Parliament, Microsoft and others.

A global wave of cyberattacks and data breaches began in January 2021 after four zero-day exploits were discovered in on-premises Microsoft Exchange Servers, giving attackers full access to user emails and passwords on affected servers, administrator privileges on the server, and access to connected devices on the same network. Attackers typically install a backdoor that allows the attacker full access to impacted servers even if the server is later updated to no longer be vulnerable to the original exploits. As of 9 March 2021, it was estimated that 250,000 servers fell victim to the attacks, including servers belonging to around 30,000 organizations in the United States, 7,000 servers in the United Kingdom, as well as the European Banking Authority, the Norwegian Parliament, and Chile's Commission for the Financial Market (CMF).

References

  1. 1 2 3 Novet, Jordan (December 16, 2020). "SolarWinds hack has shaved 23% from software company's stock this week". CNBC. Archived from the original on December 16, 2020. Retrieved December 17, 2020.
  2. "SolarWinds Corporation 2022 Annual Report (Form 10-K)". U.S. Securities and Exchange Commission. February 22, 2023.
  3. Lind, Treva (September 22, 2011). "SolarWinds blows into Post Falls". Journal of Business. Archived from the original on December 20, 2020. Retrieved January 23, 2018.
  4. 1 2 Lardinois, Frederic (January 8, 2018). "SolarWinds acquires log-monitoring service Loggly". TechCrunch. Archived from the original on December 20, 2020. Retrieved July 16, 2018.
  5. 1 2 Cimpanu, Catalin. "SEC filings: SolarWinds says 18,000 customers were impacted by recent hack". ZDNet. Archived from the original on December 15, 2020. Retrieved December 18, 2020.
  6. Sanger, David E.; Perlroth, Nicole; Schmitt, Eric (December 15, 2020). "Scope of Russian Hack Becomes Clear: Multiple U.S. Agencies Were Hit". New York Times. Archived from the original on December 18, 2020. Retrieved December 18, 2020.
  7. Cimpanu, Catalin. "Microsoft says it identified 40+ victims of the SolarWinds hack". ZDNet. Archived from the original on December 20, 2020. Retrieved December 19, 2020.
  8. "SolarWinds is 'largest' cyberattack ever, Microsoft president says". Politico. February 15, 2021. Archived from the original on February 15, 2021. Retrieved February 15, 2021.
  9. 1 2 Harrell, Barry (July 5, 2011). "Fast-growing Austin software maker Solarwinds acquires Idaho company". Austin American-Statesman. Archived from the original on January 24, 2018. Retrieved January 23, 2018.
  10. 1 2 3 4 Hawkins, Lori (November 20, 2011). "SolarWinds keeps on growing". Austin American-Statesman. Archived from the original on December 20, 2020. Retrieved June 17, 2013.
  11. Baker, Liana B. (October 9, 2015). "SolarWinds confirms it is exploring strategic alternatives". Reuters. Archived from the original on January 24, 2018. Retrieved January 23, 2018.
  12. Peterson-Withorn, Chase (October 23, 2015). "Who Got Rich This Week: SolarWinds Founder Yonce's Fortune Jumps Due To $4.5 Billion Sale Agreement". Forbes. Archived from the original on December 20, 2020. Retrieved January 23, 2018.
  13. "Corporate Fact Sheet" (PDF). SolarWinds. 2008. Archived from the original (PDF) on November 17, 2008. Retrieved February 17, 2017.
  14. 1 2 Cowan, Lynn (May 22, 2009). "Bright Start for SolarWinds Stock". Wall Street Journal. ISSN   0099-9660. Archived from the original on December 20, 2020. Retrieved January 23, 2018.
  15. "SolarWinds raises $7.5M". Austin Business Journal. February 5, 2007. Archived from the original on December 20, 2020. Retrieved January 24, 2018.
  16. Morrison, Chris (January 6, 2009). "Is network management growing? SolarWinds picks up Kiwi Enterprises". VentureBeat. Archived from the original on December 20, 2020. Retrieved January 24, 2018.
  17. Vance, Ashlee; Miller, Claire Cain (May 20, 2009). "SolarWinds Beats Odds With Public Offering". Bits Blog. Archived from the original on December 20, 2020. Retrieved January 23, 2018.
  18. Miller, Claire Cain (May 21, 2009). "Investors Find an Appetite for Tech Offerings". The New York Times. ISSN   0362-4331. Archived from the original on December 20, 2020. Retrieved January 24, 2018.
  19. Krause, Reinhardt (November 26, 2014). "SolarWinds Acquisition Spree Expected To Keep Going". Investor's Business Daily. Archived from the original on December 20, 2020. Retrieved January 24, 2018.
  20. Lee, Jasen (May 9, 2013). "Tech firm to bring more than 1,000 jobs to Utah". Deseret News. Archived from the original on December 20, 2020. Retrieved January 24, 2018.
  21. Goliya, Kshitiz (October 21, 2015). "Silver Lake, Thoma Bravo to take SolarWinds private in $4.5 billion deal". Reuters. Archived from the original on December 20, 2020. Retrieved January 30, 2018.
  22. Minaya, Ezequiel (October 21, 2015). "SolarWinds to be Bought by Silver Lake, Thoma Bravo". Wall Street Journal. ISSN   0099-9660. Archived from the original on December 20, 2020. Retrieved January 30, 2018.
  23. Rockwell, Lilly (February 5, 2016). "Austin software maker SolarWinds completes $4.5 billion sale". Austin American-Statesman. Archived from the original on December 20, 2020. Retrieved May 5, 2016.
  24. Moozakis, Chuck (November 21, 2017). "SolarWinds' AppOptics melds network device monitoring, app behavior". TechTarget. Archived from the original on December 14, 2020. Retrieved January 30, 2018.
  25. Assis, Claudia. "Software provider Solarwinds files for IPO". MarketWatch. Archived from the original on December 20, 2020. Retrieved October 1, 2018.
  26. "SolarWinds prices reduced IPO at low end of lowered expected range". MarketWatch.com. October 19, 2018. Archived from the original on December 20, 2020. Retrieved October 19, 2018.
  27. Johnson, O’Ryan (December 9, 2020). "SolarWinds Names New CEO As Potential Spin-off Inches Forward". CRN. Archived from the original on December 20, 2020. Retrieved December 20, 2020.
  28. "SolarWinds Appoints Sudhakar Ramakrishna as New President and Chief Executive Officer". businesswire.com. December 9, 2020. Archived from the original on December 20, 2020. Retrieved December 20, 2020.
  29. Hautala, Laura. "SolarWinds hires former CISA director Chris Krebs to consult on hack aftermath". CNET. Archived from the original on January 10, 2021. Retrieved January 10, 2021.
  30. "SolarWinds Completes Spin-Off of its MSP Business; N-able, Inc. Begins Trading as Independent, Publicly Traded Company". businesswire.com. July 20, 2021. Archived from the original on July 30, 2021. Retrieved July 30, 2021.
  31. Cowan, Lynn (May 22, 2009). "Bright Start for SolarWinds Stock". The Wall Street Journal. ISSN   0099-9660. Archived from the original on December 20, 2020. Retrieved July 16, 2018.
  32. Cooter, Maxwell. "Solar Winds finally blows into Europe". Techworld. Archived from the original on January 24, 2018. Retrieved January 24, 2018.
  33. Dubie, Denise (January 5, 2009). "SolarWinds acquires Kiwi Enterprises". Network World. Archived from the original on December 20, 2020. Retrieved January 30, 2018.
  34. 1 2 Harrell, Barry (July 5, 2011). "Fast-growing Austin software maker Solarwinds acquires Idaho company". Austin American-Statesman. Archived from the original on January 24, 2018. Retrieved July 16, 2018.
  35. "SolarWinds acquires Hyper9". Austin Business Journal. January 19, 2011. Archived from the original on December 20, 2020. Retrieved January 30, 2018.
  36. Wauters, Robin (June 23, 2011). "SolarWinds Buys Network Security Company TriGeo For $35 Million In Cash". TechCrunch. Archived from the original on July 9, 2017. Retrieved January 30, 2018.
  37. Lind, Treva (September 22, 2011). "SolarWinds blows into Post Falls". Spokane Journal. Archived from the original on December 20, 2020. Retrieved July 16, 2018.
  38. Mukhar, Nicholas (February 2, 2012). "SolarWinds Acquires EminentWare for Patch Management Software". Channel Futures. Archived from the original on December 20, 2020. Retrieved March 11, 2024.
  39. Hay, Richard (December 18, 2012). "RhinoSoft Acquired by SolarWinds – FTP Voyager Now Offered as Free Tool". WindowsObserver.com. Archived from the original on July 9, 2017. Retrieved January 30, 2018.
  40. Cai, Debbie (May 21, 2013). "SolarWinds to Buy N-able Technologies for $120 Million". The Wall Street Journal. Archived from the original on June 9, 2013. Retrieved March 11, 2024.
  41. "SolarWinds buys Confio Software for $103M". The Denver Post. Associated Press. October 7, 2013. Archived from the original on December 20, 2020. Retrieved January 23, 2018.
  42. Kobialka, Dan (June 20, 2014). "SolarWinds Adds Pingdom to Its Performance Management Portfolio". Channel Futures. Archived from the original on December 20, 2020. Retrieved March 11, 2024.
  43. Hawkins, Lori (June 18, 2014). "Austin-based SolarWinds acquires Stockholm-based company". Austin American-Statesman. Archived from the original on December 20, 2020. Retrieved January 23, 2018.
  44. "SolarWinds Expands Its Cloud Monitoring and Management Footprint With Acquisition of Librato". MarketWatch. Archived from the original on March 3, 2016. Retrieved May 5, 2016.
  45. Lardinois, Frederic (April 28, 2015). "SolarWinds Acquires Log Management Service Papertrail For $41M In Cash". TechCrunch. AOL. Archived from the original on December 20, 2020. Retrieved May 5, 2016.
  46. Wells, Karla (January 29, 2015). "SolarWinds Expands Its Cloud Monitoring and Management Footprint with Acquisition of Librato". SolarWinds News Room. Archived from the original on December 20, 2020. Retrieved July 16, 2018.
  47. Davis, Jessica (August 24, 2015). "SolarWinds N-able to Roll Out Competitively Priced MSP Manager Platform". Channel Futures. Archived from the original on December 20, 2020. Retrieved March 11, 2024.
  48. Foye, Brendon (June 2, 2016). "SolarWinds acquires LogicNow, creates new company". CRN Australia. Archived from the original on December 20, 2020. Retrieved January 23, 2018.
  49. Wells, Karla (August 29, 2017). "SolarWinds MSP Acquires SpamExperts to Enhance its Growing Product Portfol". SolarWinds News Room. Archived from the original on December 20, 2020. Retrieved July 16, 2018.
  50. "SolarWinds acquires Trusted Metrics, Adding Threat Monitoring and Management to Its IT Management Portfolio". July 10, 2018. Archived from the original on December 20, 2020. Retrieved August 1, 2018.
  51. "SolarWinds Sets Its Sights on the ITSM Market through Acquisition of Samanage and Introduction of a SolarWinds Service Desk Product". April 11, 2019. Archived from the original on December 20, 2020. Retrieved April 29, 2019.
  52. "SolarWinds Set to "Cover the Databases" Through Acquisition of VividCortex and Introduction of New Monitoring Solution Designed for Cloud-Native Databases". December 11, 2019. Archived from the original on December 20, 2020. Retrieved March 4, 2020.
  53. "SolarWinds Snaps Up SentryOne To Enhance Database Management Capabilities". SmarterAnalyst. October 26, 2020. Archived from the original on December 20, 2020. Retrieved October 26, 2020.
  54. Orion platform (archived website copy)
  55. "CrowdStrike breaks down 'Golden SAML' attack | TechTarget". Security. Retrieved January 27, 2024.
  56. Lambert, John (December 13, 2020). "Important steps for customers to protect themselves from recent nation-state cyberattacks". Microsoft. Archived from the original on December 20, 2020. Retrieved December 13, 2020.
  57. "CISA Issues Emergency Directive to Mitigate the Compromise of SolarWinds Orion Network Management Products". Cybersecurity & Infrastructure Security Agency. December 13, 2020. Archived from the original on December 15, 2020. Retrieved December 15, 2020.
  58. "Russian government spies are behind a broad hacking campaign that has breached U.S. agencies and a top cyber firm". The Washington Post. December 13, 2020. Archived from the original on December 13, 2020. Retrieved December 13, 2020.
  59. "Assembling the Russian Nesting Doll: UNC2452 Merged into APT29". Mandiant. Retrieved May 17, 2023.
  60. Cimpanu, Catalin. "Microsoft, FireEye confirm SolarWinds supply chain attack". ZDNet. Archived from the original on December 16, 2020. Retrieved December 14, 2020.
  61. "Suspected Russian hackers breached U.S. Department of Homeland Security - sources". Reuters. December 14, 2020. Archived from the original on December 20, 2020. Retrieved December 16, 2020.
  62. Gallanger, Ryan, Donaldson, Kitty, et al. (15 December 2020). "U.K. Government, NATO Join U.S. in Monitoring Risk From Hack". Bloomberg News website Archived December 15, 2020, at the Wayback Machine Retrieved 15 December 2020.
  63. Field, Matthew. (16 December 2020). "SolarWinds shareholders sold $280m days before breach was revealed". The Telegraph website Archived December 20, 2020, at the Wayback Machine Retrieved 16 December 2020.
  64. "Global Intrusion Campaign Leverages Software Supply Chain Compromise". FireEye. Archived from the original on December 18, 2020. Retrieved December 18, 2020.
  65. "Microsoft, FireEye confirm SolarWinds supply chain attack". ZDNet. December 14, 2020. Archived from the original on December 16, 2020. Retrieved December 16, 2020.
  66. 1 2 "Sunburst Trojan – What You Need to Know". Deep Instinct. December 16, 2020. Archived from the original on December 18, 2020. Retrieved December 17, 2020.
  67. "The SolarWinds Perfect Storm: Default Password, Access Sales and More". threatpost.com. December 16, 2020. Archived from the original on December 17, 2020. Retrieved December 17, 2020.
  68. "Microsoft, Customer Guidance on Recent Nation-State Cyber Attacks". Microsoft Security Response Center. December 13, 2020. Archived from the original on December 20, 2020. Retrieved December 15, 2020.
  69. 1 2 "SolarWinds Hack Could Affect 18K Customers — Krebs on Security". Archived from the original on December 16, 2020. Retrieved December 16, 2020.
  70. Varghese, Sam. "iTWire - SolarWinds FTP credentials were leaking on GitHub in November 2019". itwire.com. Archived from the original on December 15, 2020. Retrieved December 16, 2020.
  71. Satter, Raphael; Bing, Christopher; Menn, Joseph (December 15, 2020). "Hackers used SolarWinds' dominance against it in sprawling spy campaign". Reuters. Archived from the original on December 17, 2020. Retrieved December 16, 2020.
  72. Sanger, David E.; Perlroth, Nicole; Barnes, Julian E. (December 16, 2020). "Billions Spent on U.S. Defenses Failed to Detect Giant Russian Hack". The New York Times. Archived from the original on December 16, 2020. Retrieved December 18, 2020.
  73. 1 2 "What you need to know about the biggest hack of the US government in years". the Guardian. December 15, 2020. Archived from the original on December 20, 2020. Retrieved December 16, 2020.
  74. McCarthy, Kieren (December 15, 2020). "SolarWinds: Hey, only as many as 18,000 customers installed backdoored software linked to US govt hacks". The Register . Archived from the original on December 16, 2020. Retrieved December 16, 2020.
  75. Varghese, Sam. "iTWire - Backdoored Orion binary still available on SolarWinds website". itwire.com. Archived from the original on December 14, 2020. Retrieved December 16, 2020.
  76. "The SolarWinds Perfect Storm: Default Password, Access Sales and More". threatpost.com. December 16, 2020. Archived from the original on December 17, 2020. Retrieved December 17, 2020.
  77. online, heise (December 16, 2020). "l+f SolarWinds-Backdoor: Hersteller sorgte für Ausnahmen von AV-Überwachung". Security. Archived from the original on December 20, 2020. Retrieved December 17, 2020.
  78. Kovar, Joseph F.; Johnson, O'Ryan (December 17, 2020). "SolarWinds MSP To Revoke Digital Certificates For Tools, Issue New Ones As Breach Fallout Continues". CRN. Archived from the original on December 20, 2020. Retrieved December 18, 2020.
  79. Wilkie, Christina (December 21, 2020). "Attorney General Barr breaks with Trump, says SolarWinds hack 'certainly appears to be the Russians'". CNBC. NBCUniversal News Group. Archived from the original on April 12, 2021. Retrieved December 22, 2020.
  80. Dilanian, Ken (February 3, 2021). "More exploitable flaws found in SolarWinds software, says cybersecurity firm". NBC News . Archived from the original on June 23, 2021. Retrieved June 10, 2021.
  81. "SolarWinds Hack Could Cost Cyber Insurance Firms $90 Million". January 14, 2021. Archived from the original on January 16, 2021. Retrieved January 14, 2021.
  82. "Everything You Need To Know About SolarWinds Supply-Chain Attack". The Hack Report . February 5, 2021.
  83. "SolarWinds Blames Intern for Weak Password That Led to Biggest Attack in 2020". The Hacker News. Archived from the original on March 1, 2021. Retrieved March 1, 2021.
  84. "SolarWinds CEO expresses regret for 'blame the intern' defense during Orion hack investigation". SC Magazine. May 19, 2021. Retrieved August 9, 2021.
  85. "it's a safe bet that a security culture that enabled such a basic mistake couldn't have helped". "SolarWinds security fiasco may have started with simple password blunders". ZDNet . Archived from the original on March 4, 2021. Retrieved March 4, 2021.
  86. Gralla, Preston (March 22, 2021). "Does Microsoft share blame for the SolarWinds hack?". Computerworld. Retrieved January 27, 2024.
  87. 1 2 Bing, Christopher (December 19, 2020). "Second hacking team was targeting SolarWinds at time of big breach". Reuters. Archived from the original on December 22, 2020. Retrieved December 23, 2020 via reuters.com.
  88. 1 2 "New Zero-Day, Malware Indicate Second Group May Have Targeted SolarWinds". SecurityWeek. December 28, 2020. Archived from the original on January 14, 2021. Retrieved January 13, 2021.
  89. 1 2 3 4 5 "New SUPERNOVA backdoor found in SolarWinds cyberattack analysis". BleepingComputer. Archived from the original on December 23, 2020. Retrieved December 23, 2020.
  90. "Microsoft identifies second hacking group affecting SolarWinds software". CyberScoop. December 21, 2020. Archived from the original on December 23, 2020. Retrieved December 23, 2020.
  91. Cimpanu, Catalin. "A second hacking group has targeted SolarWinds systems". ZDNet. Archived from the original on December 23, 2020. Retrieved December 23, 2020.
  92. "SolarWinds Adviser Warned of Lax Security Years Before Hack". Bloomberg.com. December 21, 2020. Archived from the original on May 16, 2021. Retrieved December 23, 2020.
  93. "Investors in breached software firm SolarWinds traded $280 million in stock days before hack was revealed". The Washington Post. December 16, 2020. Archived from the original on December 20, 2020. Retrieved December 16, 2020.
  94. Primack, Dan (December 18, 2020). "SolarWinds denies insider trading activity ahead of hack revelation". Axios. Archived from the original on December 20, 2020. Retrieved December 23, 2020.
  95. "SolarWinds Claims Execs Unaware of Breach When They Sold Stock | SecurityWeek.Com". securityweek.com. December 22, 2020. Archived from the original on December 22, 2020. Retrieved December 23, 2020.
  96. "NOBELIUM targeting delegated administrative privileges to facilitate broader attacks". Microsoft Security Blog. October 25, 2021. Retrieved November 4, 2021.
  97. Intelligence, Microsoft Threat (December 28, 2020). "Using Microsoft 365 Defender to protect against Solorigate". Microsoft Security Blog. Retrieved October 30, 2024.
  98. "Class Action Lawsuit Filed Against SolarWinds Over Hack". SecurityWeek.Com. January 6, 2021. Archived from the original on February 1, 2021. Retrieved January 13, 2021.
  99. McCarthy, Kieren (January 5, 2021). "Ah, right on time: Hacker-slammed SolarWinds sued by angry shareholders". The Register. Archived from the original on March 17, 2021. Retrieved January 13, 2021.
  100. Johnson, Derek B. (March 31, 2022). "Court denies SolarWinds bid to throw out breach lawsuit". scmagazine.com. Retrieved May 12, 2022.
  101. Whittaker, Zack (November 7, 2022). "SolarWinds says it's facing SEC 'enforcement action' over 2020 hack". TechCrunch. Retrieved February 8, 2023.