Investment firms at risk as Canada's spy agency issues warning

Canadian organizations are being urged to take immediate action to mitigate the risk from a new cyberthreat

Investment firms at risk as Canada's spy agency issues warning
Steve Randall

A cybersecurity threat that could impact hundreds of thousands of organizations worldwide has prompted Canada’s digital spy agency to issue an urgent warning.

The risk has emerged following the discovery of a vulnerability in updates for software that it widely used to manage IT systems, SolarWinds’ Orion.

It appears that the threat has been ongoing since March, when organizations were in the early stages of managing the pandemic, which has been identified as a risk factor for cyberthreats.

According to SolarWinds’ statement, its systems experienced “a highly sophisticated, manual supply chain attack” which was likely conducted by “an outside nation state” with speculation that Russia may have been responsible.

The hackers obtained access to systems in the spring when the firm issued an update for its software.

The Canadian Centre for Cyber Security warns that the hackers are highly evasive and that the threat is ongoing and that firms should take action to mitigate the risk.

Cybersecurity firm FireEye discovered the threat and says that it has also been a victim of the attack. It says that the hackers campaign is “widespread, affecting public and private organizations around the world.”

A recent report from the Canadian Bankers Association warned that too many Canadians are taking risks with their online data at a time when cyberthreats are rising.

Internet security firm MacAfee ranked Canada as one of the top 10 countries targeted by cyber criminals.

Government risk
Texas-based SolarWinds is a supplier to many large businesses and governments. It’s Orion platform is approved for use by the Canadian government but it is not clear whether any federal agencies have been impacted by the vulnerability.

The firm says that just 18,000 of its 275,000 global customers have downloaded the updates that have enabled hackers to gain access. The FT reports that, so far, no major companies have reported that they have been affected.

However, those who share date with affected companies could also be at risk.

SolarWinds is urging customers to check which versions of their software they are using and use security patches that are currently available with more due to be released December 15.

Further details are available at