CISA Issues Emergency Warning For SolarWinds Software


More Evidence Dominion Voting Systems Compromised?

There has been ongoing reporting and evidence coming forward that Dominion Voting Systems (DVS) had, and still has, major security flaws with its voting system. These flaws were the reason one major U.S. state chose not to permit its use in their election process. The Secretary of State of Texas noted that DVS:

could not get certified by the State of Texas after failing to meet the state’s election standards for efficiency, accuracy, and safety from “fraudulent or unauthorized manipulation.”

Now, information is being reported that Dominion Voting Systems uses SolarWinds products by Orion. This company has been named in a recently released warning from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) that all federal civilian agenciesreview their networks for indicators of compromise and disconnect or power down SolarWinds orion products immediately.” The agency also encouraged all U.S.G. partners in the public and private sectors to assess their exposure and to secure their networks. CISA says that a “known compromise of the SolarWinds products is currently being exploited by malicous actors.”

@CodeMonkeyz tweeted that Dominion Voting Systems uses the SolarWinds products and provided a screenshot of the logon to their system showing that it utilizes SolarWinds products – at least in part. The SolarWinds products claim to be a suite of products that simplify IT management and provide protection from online threats… (apparently not per CISA).

(SolarWinds) is your customers’ best defense against ransomware, zero-day attacks, and evolving online threats. Endpoint detection and response uses AI to help protect against nearly every type of attack aimed at endpoints in real time and can even roll …

It is still unknown at this point who the “malicious actors” are that CISA says are exploiting SolarWinds’ software vulnerabilities. CISA noted that this was the fifth emergency directive it had issued since the passage of the 2015 Cybersecurity Act by Congress.