NSW Health among users of compromised network management tool

Wednesday, 23 December 2020 09:31

NSW Health among users of compromised network management tool Featured

By Sam Varghese

Pixabay

The NSW Department of Health, a user of the Orion network management software that was compromised in a supply chain attack, says it was alerted on 14 December to the fact that an attack had taken place.

"To date, there has been no evidence found that NSW Health systems have been compromised and no evidence there has been any breach of patient information," an eHealth NSW spokesperson told iTWire in response to a query.

The attack came to light this month when cyber security firm FireEye announced on 9 December AEDT that it had been compromised and had its Red Team tools stolen.

Five days later, FireEye issued details about attacks using malware which it called SUNBURST, which it said had been used to hit both private and public entities, by corrupting the Orion network management software, a product of SolarWinds.

A number of US Government departments — Homeland Security and Treasury among them — have been named as being affected. FireEye, too, appears to have been a victim. The Orion software has very wide usage in the US and also in Britain.

The extent of its use in Australia is unclear, but the NSW Department of Health was named in a research brief issued by Fabio Viggani of the security firm TrueSec.

The brief also named Cisco, Deloitte and MediaTek as being targeted by the threat actor.

The spokesperson said: "The SolarWinds monitoring system is used by many organisations including NSW Health. It collects statistics and events at regular intervals to provide dashboarding, alerting and reporting functionality across our network.

"eHealth NSW can confirm that it has received the necessary updates from the vendor to ensure ongoing protection of its services.

"NSW Health continues to work closely with state and Federal Government cyber security agencies to ensure that any cyber event is prevented, detected and responded to in the most appropriate manner."

Though about 18,000 users of Orion were said to have received the compromised update, which was the first stage of the attack, it is unclear as how many were targeted in phase two.

Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!