BrandWikiReturn

SolarWinds

SolarWinds Corporation is an American company that develops software for businesses to help manage their networks, systems, and information technology infrastructure. It is headquartered in Austin, Texas, with sales and product development offices in a number of locations in the United States and several other countries.[2]

The company was publicly traded from May 2009 until the end of 2015, and again from October 2018. It has also acquired a number of other companies, some of which it still operates under their original names, including Pingdom, Papertrail, and Loggly.

The company had about 300,000 customers as of December 2020, including nearly all Fortune 500 companies and numerous agencies of the US federal government.[3][4]

A SolarWinds product, Orion, used by about 33,000 public and private sector customers, was the focus of a U.S. federal government data leak in 2020. The attack persisted undetected for months in 2020, and additional details about the breadth and depth of compromised systems continued to surface after the initial disclosure.[5] In February 2021, Microsoft President Brad Smith said that it was "the largest and most sophisticated attack the world has ever seen".[6]

History

SolarWinds began in 1999 in Tulsa, Oklahoma, co-founded by brothers Donald Yonce (a former executive at Walmart) and Dave Yonce.[7][8][9] SolarWinds released its first products, Trace Route and Ping Sweep, earlier in March 1998 and released its first web-based network performance monitoring application in November 2001.[10] In 2006, the company moved its headquarters to Austin, Texas, where about 300 of the company's total 450 employees were based as of 2011.[7] The company was profitable from its founding through its IPO in 2009.[11]

During 2007, SolarWinds raised funding from Austin Ventures, Bain Capital, and Insight Venture Partners.[12][13] SolarWinds completed an initial public offering of US$112.5 million in May 2009,[14] closing at higher prices after its initial day of trading.[15] The IPO from SolarWinds was followed by another from OpenTable (an online restaurant-reservation service), which was perceived to break a dry spell during the Great Recession, when very few companies went public.[16] Both Bain Capital and Insight Venture Partners backed the IPO and used the opportunity to sell some of their shares during the offering.[11]

Analysts and company executives anticipated continued expansion post-IPO, including several acquisitions.[17] In 2010, Bennett retired as CEO and was replaced by the company's former chief financial officer Kevin Thompson.[14] In May 2013, SolarWinds announced plans to invest in an operations hub in Salt Lake City, Utah. It was named by Forbes as "Best Small Company in America, citing high-functioning products for low costs and impressive company growth." By 2013, SolarWinds employed about 900 people.[18]

Acquisition by private equity technology investment firms Silver Lake Partners and Thoma Bravo, LLC. was announced in late 2015, and by January 2016, SolarWinds was taken private in a $4.5 billion deal.[19][20] At the time, the company had 1,770 employees worldwide with 510 based in Austin, and reported revenues of about half a billion dollars a year.[21]

In November 2017, SolarWinds released AppOptics which integrates much of its software portfolio, including Librato and TraceView, into a single software-as-a-service package. AppOptics included compatibility with Amazon Web Services and Microsoft Azure.[22]

In September 2018, SolarWinds filed for a public offering again, after three years of being owned by private equity firms.[23][24] SolarWinds completed its public offering on October 19, 2018.[25]

On December 7, 2020, CEO Kevin Thompson retired, to be replaced by Sudhakar Ramakrishna, CEO of Pulse Secure, effective January 4, 2021.[26][27]

On January 8, 2021, the company hired former CISA director Chris Krebs to help the company work through the recent cyber attack.[28]

In July 2021, SolarWinds separated its managed service provider (MSP) business from the main company. The new separately-traded public company is named N-able.[29][30]

In February 2025, the company announced that it would be acquired by private equity firm Turn/River Capital for $4.4 billion; the deal received approval from Thoma Bravo and Silver Lake, SolarWinds' majority shareholders with a combined 65% of the outstanding voting securities.[31] The deal was closed on April 18, 2025 for $18.50 per share and the company delisted from the New York Stock Exchange.[32]

Acquisitions

According to The Wall Street Journal, SolarWinds offers freely downloadable software to potential clients and then markets more advanced software to them by offering trial versions.[33] Following the funding in 2007, SolarWinds acquired several companies including Neon Software and ipMonitor Corp. and opened a European sales office in Ireland.[34]

During and after its IPO in 2009, SolarWinds acquired a number of other companies and products, including the acquisition of the New Zealand–based software maker Kiwi Enterprises, which was announced in January 2009.[35]

SolarWinds acquired several companies in 2011 and was ranked number 10 on Forbes magazine's list of fastest-growing tech companies.[36] In January 2011, it acquired Hyper9 Inc, an Austin-based virtualization management company with undisclosed terms.[37] In July, SolarWinds completed the acquisition of the Idaho-based network security company TriGeo for $35 million.[36][38] TriGeo's offices in Post Falls were added to the list of SolarWinds location which already included satellite offices in Dallas, Salt Lake City, and Tulsa, as well as operations in Australia, the Czech Republic, India, Ireland, and Singapore.[39] In 2012 SolarWinds acquired the patch management software provider EminentWare,[40] and RhinoSoft, adding the latter company's FTP Voyager product to SolarWinds' product suite.[41]

In early 2013, SolarWinds acquired N-able Technologies, a cloud-based information technology services provider. The deal was reportedly valued $120 million in cash.[42] In late 2013, it acquired the Boulder, Colorado–based database performance management company Confio Software.[43] With the $103 million agreement, SolarWinds gained a sales office in London and Confio's main product, Ignite.[44] Between 2014 and 2015, the company acquired the Swedish web-monitoring company Pingdom,[45][46] the San Francisco–based metrics and monitoring company Librato (for $40 million),[47] and the log management service Papertrail (for $41 million).[48]

Between 2015 and 2020, SolarWinds acquired Librato (a monitoring company),[49] Capzure Technology (an MSP Manager software to N-able which SolarWinds had previously acquired),[50] LogicNow (a remote monitoring software company),[51] SpamExperts (an email security company),[52] Loggly (a log management and analytics company),[53] Trusted Metrics (a provider of threat monitoring and management software),[54] Samanage (a service desk and IT asset management provider),[55] VividCortex (a database performance monitor),[56] and SentryOne (a provider of database performance monitoring).[57]

2019–2020 supply chain attacks

SUNBURST

On December 13, 2020, The Washington Post reported that multiple government agencies were breached through SolarWinds's Orion software.[58] The next day, the company stated in an SEC filing that fewer than 18,000 of its 33,000 Orion customers were affected, involving certain hotfixes of versions 2019.4 through 2020.2.1, released between March 2020 and June 2020.[3] According to Microsoft, hackers acquired superuser access to SAML token-signing certificates.[59] This SAML certificate was then used to forge new tokens to allow hackers trusted and highly privileged access to networks.[60] The Cybersecurity and Infrastructure Security Agency issued Emergency Directive 21–01 in response to the incident, advising all federal civilian agencies to disable Orion.[61]

APT29, aka Cozy Bear, working for the Russian Foreign Intelligence Service (SVR), was reported to be behind the 2020 attack.[62][63] Victims of this attack include the cybersecurity firm FireEye, the US Treasury Department, the US Department of Commerce's National Telecommunications and Information Administration, as well as the US Department of Homeland Security.[64][65] Prominent international SolarWinds customers investigating whether they were impacted include the North Atlantic Treaty Organization (NATO), the European Parliament, UK Government Communications Headquarters, the UK Ministry of Defence, the UK National Health Service (NHS), the UK Home Office, and AstraZeneca.[66][67] FireEye reported the hackers inserted "malicious code into legitimate software updates for the Orion software that allow an attacker remote access into the victim's environment" and that they have found "indications of compromise dating back to the spring of 2020".[68] FireEye named the malware SUNBURST.[69][70] Microsoft called it Solorigate.[71][70]

The attack used a backdoor in a SolarWinds library; when an update to SolarWinds occurred, the malicious attack would go unnoticed due to the trusted certificate.[72] In November 2019, a security researcher notified SolarWinds that credentials to a third party FTP server had a weak password of "solarwinds123", warning that "any hacker could upload malicious [code]" that would then be distributed to SolarWinds customers.[73][74] The New York Times reported SolarWinds did not employ a chief information security officer and that employee passwords had been posted on GitHub in 2019.[75]

On December 15, 2020, SolarWinds reported the breach to the Securities and Exchange Commission. However, SolarWinds continued to distribute malware-infected updates, and did not immediately revoke the compromised digital certificate used to sign them.[76][77][78]

On December 16, 2020, German IT news portal Heise.de reported that SolarWinds had for some time been encouraging customers to disable anti-malware tools before installing SolarWinds products.[79][80]

On December 17, 2020, SolarWinds said it would revoke the compromised certificates by December 21, 2020.[81]

On December 21, 2020, Attorney General William Barr stated that he believed that the SolarWinds hack appears to have been perpetrated by Russia, contradicting speculations by President Donald Trump that China, not Russia, might be to blame.[82]

In late December 2020, Trustwave, a cybersecurity firm, reached out to SolarWinds to report new security flaws they had discovered in software produced by SolarWinds. Although these vulnerabilities hadn't been taken advantage of by hackers, it raised questions concerning the network security of SolarWinds' customers.[83]

The magnitude of the monetary damage has yet to be calculated, but on January 14, 2021, CRN.com reported that the attack could cost cyber insurance firms at least $90 million.[84][85]

On March 1, 2021, SolarWinds CEO, Sudhakar Ramakrishna, blamed a company intern for using an insecure password ("solarwinds123") on its update server. Speculation that this led to the attack is discounted by the company and security professionals.[86][87] More than the intern using a weak password, experts noted that the main issue this fact highlights is the poor security culture the company has.[88]

In the aftermath of the incident there has been question raised within the US Government about the role Microsoft carried out in enabling the breach. This relates to the "golden SAML" vulnerability in Microsoft's directory offerings that the company had knowledge of but did not address. Senator Ron Wyden questioned why the US Government spent so much money on Microsoft software without the company warning it of this hacking technique.[89]

SUPERNOVA

On December 19, 2020, Microsoft said that its investigations into supply chain attacks at SolarWinds had found evidence of an attempted supply chain attack distinct from the attack in which SUNBURST malware was inserted into Orion binaries (see previous section).[90][91] This second attack has been dubbed SUPERNOVA.[90][91]

Security researchers from Palo Alto Networks said the SUPERNOVA malware was implemented stealthily.[92] SUPERNOVA comprises a very small number of changes to the Orion source code, implementing a web shell that acts as a remote access tool.[92][93] The shell is assembled in-memory during SUPERNOVA execution, thus minimizing its forensic footprint.[92]

Unlike SUNBURST, SUPERNOVA does not possess a digital signature.[92] This is among the reasons why it is thought to have originated with a different group than the one responsible for SUNBURST.[92][94]

Insider trading claims

SolarWinds's share price fell 25% within days of the SUNBURST breach becoming public knowledge,[95] and 40% within a week.[96] Insiders at the company had sold approximately $280 million in stock shortly before this became publicly known,[97] which was months after the attack had started. A spokesperson said that those who sold the stock had not been aware of the breach at the time.[98][99][100]

Microsoft guidance on service provider and downstream business attacks

In November 2021 Microsoft issued an alert[101] in relation to the advanced persistent threat (APT) actor Nobelium (aka APT29; Cozy Bear) that was responsible for the 2020 SolarWinds supply chain attack is targeting cloud service providers (CSPs), managed service providers (MSPs), and other IT service providers. Microsoft Threat Intelligence Center (MSTIC) released a range of recommendations for service providers and downstream businesses to implement in order to address the threat.[102]

Lawsuits

In January 2021, a class action lawsuit was filed against SolarWinds in relation to its security failures and subsequent fall in share price.[103][104] SolarWinds attempted to have this case dismissed; in March 2022, a judge ruled that the class action lawsuit could move forward.[105] SolarWinds settled the suit for $26 million in November 2022, and was notified by the SEC that it intended to take enforcement action.[106] The SEC sued SolarWinds in October 2023,[107] however, the case was dropped in November 2025.[108][109][110]

See also

  • Record_sealing

External links

References

  1. SolarWinds Corporation 2022 Annual Report (Form 10-K) U.S. Securities and Exchange Commission, 22 February 2023^
  2. Treva Lind. SolarWinds blows into Post Falls Journal of Business, 2011-09-22, retrieved 2018-01-23^
  3. Catalin Cimpanu. SEC filings: SolarWinds says 18,000 customers were impacted by recent hack ZDNet, retrieved December 18, 2020^
  4. David E. Sanger, Nicole Perlroth, Eric Schmitt. Scope of Russian Hack Becomes Clear: Multiple U.S. Agencies Were Hit New York Times, December 15, 2020, retrieved December 18, 2020^
  5. Catalin Cimpanu. Microsoft says it identified 40+ victims of the SolarWinds hack ZDNet, retrieved December 19, 2020^
  6. SolarWinds is 'largest' cyberattack ever, Microsoft president says Politico, February 15, 2021, retrieved 15 February 2021^
  7. Barry Harrell. Fast-growing Austin software maker Solarwinds acquires Idaho company Austin American-Statesman, 2011-07-05, retrieved 2018-01-23^
  8. Liana B. Baker. SolarWinds confirms it is exploring strategic alternatives Reuters, 2015-10-09, retrieved 2018-01-23^
  9. Chase Peterson-Withorn. Who Got Rich This Week: SolarWinds Founder Yonce's Fortune Jumps Due To $4.5 Billion Sale Agreement Forbes, 2015-10-23, retrieved 2018-01-23^
  10. Corporate Fact Sheet SolarWinds, 2008, retrieved 17 February 2017^
  11. Lynn Cowan. Bright Start for SolarWinds Stock Wall Street Journal, 2009-05-22, retrieved 2018-01-23^
  12. SolarWinds raises $7.5M Austin Business Journal, 2007-02-05, retrieved 2018-01-24^
  13. Chris Morrison. Is network management growing? SolarWinds picks up Kiwi Enterprises VentureBeat, 2009-01-06, retrieved 2018-01-24^
  14. Lori Hawkins. SolarWinds keeps on growing Austin American-Statesman, 2011-11-20, retrieved June 17, 2013^
  15. Ashlee Vance, Claire Cain Miller. SolarWinds Beats Odds With Public Offering Bits Blog, 2009-05-20, retrieved 2018-01-23^
  16. Claire Cain Miller. Investors Find an Appetite for Tech Offerings The New York Times, 2009-05-21, retrieved 2018-01-24^
  17. Reinhardt Krause. SolarWinds Acquisition Spree Expected To Keep Going Investor's Business Daily, 2014-11-26, retrieved 2018-01-24^
  18. Jasen Lee. Tech firm to bring more than 1,000 jobs to Utah Deseret News, 2013-05-09, retrieved 2018-01-24^
  19. Ezequiel Minaya. SolarWinds to be Bought by Silver Lake, Thoma Bravo Wall Street Journal, 2015-10-21, retrieved 2018-01-30^
  20. Kshitiz Goliya. Silver Lake, Thoma Bravo to take SolarWinds private in $4.5 billion deal Reuters, 2015-10-21, retrieved 2018-01-30^
  21. Lilly Rockwell. Austin software maker SolarWinds completes $4.5 billion sale Austin American-Statesman, February 5, 2016, retrieved 5 May 2016^
  22. Chuck Moozakis. SolarWinds' AppOptics melds network device monitoring, app behavior TechTarget, 2017-11-21, retrieved 2018-01-30^
  23. Claudia Assis. Software provider Solarwinds files for IPO MarketWatch, retrieved 2018-10-01^
  24. Lori Hawkins. Austin software maker SolarWinds files paperwork to go public again Austin American-Statesman, 2018-06-12, retrieved 2025-11-24^
  25. SolarWinds prices reduced IPO at low end of lowered expected range MarketWatch.com, October 19, 2018, retrieved 19 October 2018^
  26. O’Ryan Johnson. SolarWinds Names New CEO As Potential Spin-off Inches Forward CRN, 2020-12-09, retrieved 2020-12-20^
  27. SolarWinds Appoints Sudhakar Ramakrishna as New President and Chief Executive Officer businesswire.com, 2020-12-09, retrieved 2020-12-20^
  28. Laura Hautala. SolarWinds hires former CISA director Chris Krebs to consult on hack aftermath CNET, retrieved 2021-01-10^
  29. Kara Carlson. Austin's SolarWinds spins off business unit into new company, N-able Austin American-Statesman, 2021-07-20, retrieved 2025-11-19^
  30. Joseph F. Kovar. Solarwinds Spin-Off N-able Goes Public With Clear Focus On MSP Mission www.crn.com, retrieved 2025-11-19^
  31. Michael Novinson. SolarWinds to Be Purchased By Turn/River Capital for $4.4B DataBreach Today, 2025-02-07, retrieved 2025-02-07^
  32. Allison Francis. SolarWinds Acquired by Turn/River in $4.4B Deal Channel Insider, 2025-04-18, retrieved 2025-04-21^
  33. Lynn Cowan. Bright Start for SolarWinds Stock The Wall Street Journal, 2009-05-22, retrieved 2018-07-16^
  34. Maxwell Cooter. Solar Winds finally blows into Europe Techworld, retrieved 2018-01-24^
  35. Denise Dubie. SolarWinds acquires Kiwi Enterprises Network World, 2009-01-05, retrieved 2018-01-30^
  36. Barry Harrell. Fast-growing Austin software maker Solarwinds acquires Idaho company Austin American-Statesman, 2011-07-05, retrieved 2018-07-16^
  37. SolarWinds acquires Hyper9 Austin Business Journal, 2011-01-19, retrieved 2018-01-30^
  38. Robin Wauters. SolarWinds Buys Network Security Company TriGeo For $35 Million In Cash TechCrunch, 2011-06-23, retrieved 2018-01-30^
  39. Treva Lind. SolarWinds blows into Post Falls Spokane Journal, 2011-09-22, retrieved 2018-07-16^
  40. Nicholas Mukhar. SolarWinds Acquires EminentWare for Patch Management Software Channel Futures, 2012-02-02, retrieved 2024-03-11^
  41. Richard Hay. RhinoSoft Acquired by SolarWinds – FTP Voyager Now Offered as Free Tool WindowsObserver.com, 2012-12-18, retrieved 2018-01-30^
  42. Debbie Cai. SolarWinds to Buy N-able Technologies for $120 Million The Wall Street Journal, 2013-05-21, retrieved 2024-03-11^
  43. SolarWinds Acquires Confio Software www.apmdigest.com, retrieved 2025-12-09^
  44. SolarWinds buys Confio Software for $103M The Denver Post, 2013-10-07, retrieved 2018-01-23^
  45. Dan Kobialka. SolarWinds Adds Pingdom to Its Performance Management Portfolio Channel Futures, 2014-06-20, retrieved 2024-03-11^
  46. Lori Hawkins. Austin-based SolarWinds acquires Stockholm-based company Austin American-Statesman, 2014-06-18, retrieved 2018-01-23^
  47. SolarWinds Expands Its Cloud Monitoring and Management Footprint With Acquisition of Librato MarketWatch, retrieved 5 May 2016^
  48. Frederic Lardinois. SolarWinds Acquires Log Management Service Papertrail For $41M In Cash TechCrunch, AOL, 2015-04-28, retrieved 5 May 2016^
  49. Karla Wells. SolarWinds Expands Its Cloud Monitoring and Management Footprint with Acquisition of Librato SolarWinds News Room, 2015-01-29, retrieved 2018-07-16^
  50. Jessica Davis. SolarWinds N-able to Roll Out Competitively Priced MSP Manager Platform Channel Futures, 2015-08-24, retrieved 2024-03-11^
  51. Brendon Foye. SolarWinds acquires LogicNow, creates new company CRN Australia, 2016-06-02, retrieved 2018-01-23^
  52. Karla Wells. SolarWinds MSP Acquires SpamExperts to Enhance its Growing Product Portfol SolarWinds News Room, 2017-08-29, retrieved 2018-07-16^
  53. Frederic Lardinois. SolarWinds acquires log-monitoring service Loggly TechCrunch, 2018-01-08, retrieved 2018-07-16^
  54. SolarWinds acquires Trusted Metrics, Adding Threat Monitoring and Management to Its IT Management Portfolio 2018-07-10, retrieved 2018-08-01^
  55. Hagar Ravet. SolarWinds Buys IT Software Company Samanage For $350 Million CTECH - www.calcalistech.com, 2019-04-14, retrieved 2025-12-09^
  56. Joseph F. Kovar. SolarWinds Pays $117.5M To Acquire VividCortex, Expanding MSP Database Management CRN, 16 December 2019, retrieved 9 December 2025^
  57. SolarWinds Snaps Up SentryOne To Enhance Database Management Capabilities SmarterAnalyst, 2020-10-26, retrieved 2020-10-26^
  58. Orion platform (archived website copy)^
  59. CrowdStrike breaks down 'Golden SAML' attack Security, retrieved 2024-01-27^
  60. John Lambert. Important steps for customers to protect themselves from recent nation-state cyberattacks Microsoft, 2020-12-13, retrieved 2020-12-13^
  61. CISA Issues Emergency Directive to Mitigate the Compromise of SolarWinds Orion Network Management Products Cybersecurity & Infrastructure Security Agency, December 13, 2020, retrieved 2020-12-15^
  62. Russian government spies are behind a broad hacking campaign that has breached U.S. agencies and a top cyber firm The Washington Post, 2020-12-13, retrieved 2020-12-13^
  63. Assembling the Russian Nesting Doll: UNC2452 Merged into APT29 Mandiant, retrieved 2023-05-17^
  64. Catalin Cimpanu. Microsoft, FireEye confirm SolarWinds supply chain attack ZDNet, retrieved 2020-12-14^
  65. Suspected Russian hackers breached U.S. Department of Homeland Security - sources Reuters, December 14, 2020, retrieved December 16, 2020^
  66. Gallanger, Ryan, Donaldson, Kitty, et al. (15 December 2020). "U.K. Government, NATO Join U.S. in Monitoring Risk From Hack". Bloomberg News website Retrieved 15 December 2020.^
  67. Field, Matthew. (16 December 2020). "SolarWinds shareholders sold $280m days before breach was revealed". The Telegraph website Retrieved 16 December 2020.^
  68. Global Intrusion Campaign Leverages Software Supply Chain Compromise FireEye, retrieved December 18, 2020^
  69. Microsoft, FireEye confirm SolarWinds supply chain attack ZDNet, December 14, 2020, retrieved December 16, 2020^
  70. Sunburst Trojan – What You Need to Know Deep Instinct, December 16, 2020, retrieved December 17, 2020^
  71. The SolarWinds Perfect Storm: Default Password, Access Sales and More threatpost.com, December 16, 2020, retrieved December 17, 2020^
  72. Microsoft, Customer Guidance on Recent Nation-State Cyber Attacks Microsoft Security Response Center, 2020-12-13, retrieved 2020-12-15^
  73. Sam Varghese. iTWire - SolarWinds FTP credentials were leaking on GitHub in November 2019 itwire.com, retrieved December 16, 2020^
  74. Raphael Satter, Christopher Bing, Joseph Menn. Hackers used SolarWinds' dominance against it in sprawling spy campaign Reuters, December 15, 2020, retrieved 2020-12-16^
  75. David E. Sanger, Nicole Perlroth, Julian E. Barnes. Billions Spent on U.S. Defenses Failed to Detect Giant Russian Hack The New York Times, December 16, 2020, retrieved December 18, 2020^
  76. SolarWinds Hack Could Affect 18K Customers — Krebs on Security retrieved December 16, 2020^
  77. Kieren McCarthy. SolarWinds: Hey, only as many as 18,000 customers installed backdoored software linked to US govt hacks The Register, 2020-12-15, retrieved December 16, 2020^
  78. Sam Varghese. iTWire - Backdoored Orion binary still available on SolarWinds website itwire.com, retrieved December 16, 2020^
  79. The SolarWinds Perfect Storm: Default Password, Access Sales and More threatpost.com, December 16, 2020, retrieved December 17, 2020^
  80. heise online. l+f SolarWinds-Backdoor: Hersteller sorgte für Ausnahmen von AV-Überwachung Security, December 16, 2020, retrieved December 17, 2020^
  81. Joseph F. Kovar, O'Ryan Johnson. SolarWinds MSP To Revoke Digital Certificates For Tools, Issue New Ones As Breach Fallout Continues CRN, December 17, 2020, retrieved December 18, 2020^
  82. Christina Wilkie. Attorney General Barr breaks with Trump, says SolarWinds hack 'certainly appears to be the Russians' CNBC, NBCUniversal News Group, 21 December 2020, retrieved 22 December 2020^
  83. Ken Dilanian. More exploitable flaws found in SolarWinds software, says cybersecurity firm NBC News, February 3, 2021, retrieved June 10, 2021^
  84. SolarWinds Hack Could Cost Cyber Insurance Firms $90 Million January 14, 2021, retrieved January 14, 2021^
  85. Everything You Need To Know About SolarWinds Supply-Chain Attack The Hack Report, February 5, 2021^
  86. SolarWinds Blames Intern for Weak Password That Led to Biggest Attack in 2020 The Hacker News, retrieved 2021-03-01^
  87. SolarWinds CEO expresses regret for 'blame the intern' defense during Orion hack investigation SC Magazine, May 19, 2021, retrieved 2021-08-09^
  88. "it's a safe bet that a security culture that enabled such a basic mistake couldn't have helped". SolarWinds security fiasco may have started with simple password blunders ZDNet, retrieved March 4, 2021^
  89. Preston Gralla. Does Microsoft share blame for the SolarWinds hack? Computerworld, 2021-03-22, retrieved 2024-01-27^
  90. Christopher Bing. Second hacking team was targeting SolarWinds at time of big breach Reuters, December 19, 2020, retrieved December 23, 2020^
  91. New Zero-Day, Malware Indicate Second Group May Have Targeted SolarWinds SecurityWeek, 2020-12-28, retrieved 2021-01-13^
  92. New SUPERNOVA backdoor found in SolarWinds cyberattack analysis BleepingComputer, retrieved December 23, 2020^
  93. Microsoft identifies second hacking group affecting SolarWinds software CyberScoop, December 21, 2020, retrieved December 23, 2020^
  94. Catalin Cimpanu. A second hacking group has targeted SolarWinds systems ZDNet, retrieved December 23, 2020^
  95. What you need to know about the biggest hack of the US government in years the Guardian, December 15, 2020, retrieved December 16, 2020^
  96. SolarWinds Adviser Warned of Lax Security Years Before Hack Bloomberg.com, December 21, 2020, retrieved December 23, 2020^
  97. Investors in breached software firm SolarWinds traded $280 million in stock days before hack was revealed The Washington Post, 2020-12-16, retrieved 2020-12-16^
  98. Jordan Novet. SolarWinds hack has shaved 23% from software company's stock this week CNBC, December 16, 2020, retrieved December 17, 2020^
  99. Dan Primack. SolarWinds denies insider trading activity ahead of hack revelation Axios, December 18, 2020, retrieved December 23, 2020^
  100. SolarWinds Claims Execs Unaware of Breach When They Sold Stock | SecurityWeek.Com securityweek.com, December 22, 2020, retrieved December 23, 2020^
  101. NOBELIUM targeting delegated administrative privileges to facilitate broader attacks Microsoft Security Blog, 2021-10-25, retrieved 2021-11-04^
  102. Microsoft Threat Intelligence. Using Microsoft 365 Defender to protect against Solorigate Microsoft Security Blog, 2020-12-28, retrieved 2024-10-30^
  103. Class Action Lawsuit Filed Against SolarWinds Over Hack SecurityWeek.Com, 2021-01-06, retrieved 2021-01-13^
  104. Kieren McCarthy. Ah, right on time: Hacker-slammed SolarWinds sued by angry shareholders The Register, 2021-01-05, retrieved 2021-01-13^
  105. Derek B. Johnson. Court denies SolarWinds bid to throw out breach lawsuit scmagazine.com, 2022-03-31, retrieved 2022-05-12^
  106. Zack Whittaker. SolarWinds says it's facing SEC 'enforcement action' over 2020 hack TechCrunch, 2022-11-07, retrieved 2023-02-08^
  107. Chris Prentice. US SEC sues SolarWinds for concealing cyber risks before massive hacking Reuters, October 31, 2023, retrieved December 8, 2025^
  108. Chris Prentice. US SEC dismisses case against SolarWinds, top security officer Reuters, November 21, 2025, retrieved December 8, 2025^
  109. SEC drops civil fraud case against SolarWinds www.cybersecuritydive.com, retrieved 2025-12-09^
  110. Kyle Alspach. SEC Drops Remaining Claims Against SolarWinds Over 2020 Hack CRN, 20 November 2025, retrieved 9 December 2025^