This paper examines the SolarWinds attack, centred on the Orion Platform security incident. It analyses the persistent threat actors involved and the technical attack techniques they could have used to gain unauthorized access. The 2020 SolarWinds attack was first disclosed as a breach of the Orion Platform software, in which malware was distributed to IT and government organizations such as Homeland Security, Microsoft and Intel; the resulting supply-chain compromise grew out of small loopholes in security systems. During the supply-chain attack the attackers increased the number of infected company and business networks by using a VMware exploit to propagate. In particular, they targeted command injection, privilege escalation and use-after-free flaws in VMware platforms, gained access to virtual machines, and from there pivoted easily to other servers. This literature review aims to analyse the security gap exposed by the SolarWinds incident on the Orion Platform and its impact on the industrial and financial sectors, including the elements of an incident response plan. The paper then specifies suitable solutions for defensive security systems by analysing the SolarWinds attack as a case study through system evaluation and monitoring. It concludes with the necessary remediation actions: cyber hygiene countermeasures, and an analysis of common vulnerabilities and exposures together with their solutions.