SolarWinds compromise attributed to Russian state actor


New Zealand has today added its voice to the international condemnation of the malicious compromise and exploitation of the SolarWinds Orion platform.

The Minister Responsible for the Government Communications Security Bureau, Andrew Little, says that New Zealand's international partners have analysed the compromise of the SolarWinds Orion platform and attributed this malicious activity to Russian state actors.

"This compromise deployed malware indiscriminately around the world and has caused widespread disruption as many thousands of organisations had to apply security patches and check systems," said Andrew Little.

A significant number of New Zealand organisations use the SolarWinds Orion platform.

The GCSB's National Cyber Security Centre and CERT NZ have provided guidance for organisations to identify if the malicious code has been installed on their systems, and apply the appropriate security patches.

"While we have seen no indication that New Zealand organisations were targeted, the compromise caused disruption in New Zealand as organisations urgently checked their systems, applied security patches, and took action to protect themselves," the Minister said.

New Zealand condemns the unacceptable actions of Russian state actors and calls for all states to behave responsibly online.