This paper of work examines the SolarWinds attack, designed on Orion Platform security incident. It analyses the persistent threats agents and potential technical attack techniques to gain unauthorized access. In 2020 SolarWinds attack indicates an initial breach disclosure on Orion Platform software by malware distribution on IT and government organizations such as Homeland Security, Microsoft and Intel associated with supply chains leaks consequences from small loopholes in security systems. Hackers increased the number of infected company and businesses networks during the supply-chain attack, hackers were capable to propagate the attack by using a VMware exploit. On the special way they started to target command injections, privilege escalations, and use after free platforms of VMware. In this way, they gained access to Virtual Machines and in the east way pivot other servers. This literature review aim to analyze the security gap regarding to SolarWinds incident on Orion Platform, the impact on industry and financial sectors involving the elements of incident response plan. Therefore, this research paper ensures specifications of proper solutions for possible defense security systems by analyzing a SolarWinds attack case study via system evaluation and monitoring. It concludes with necessary remediation actions on cyber hygiene countermeasures, common vulnerabilities and exposure analysis and solutions.

翻译：本文系统审视了以Orion平台安全事件为载体的SolarWinds攻击，分析了持续性威胁代理及实现未授权访问的潜在技术攻击手段。2020年发生的SolarWinds攻击事件表明，攻击者通过恶意软件分发在IT与政府机构（如国土安全部、微软、英特尔等）的Orion平台软件上实现初始入侵披露，其供应链泄露后果源于安全系统中微小的漏洞。黑客在供应链攻击期间扩大了受感染企业及商业网络的范围，并通过利用VMware漏洞实现攻击传播。具体而言，攻击者开始针对VMware的命令注入、权限提升及释放后使用（Use-After-Free）平台进行定向攻击，藉此获取虚拟机访问权限，进而横向迁移至其他服务器。本文献综述旨在分析Orion平台SolarWinds安全事件中的安全缺口、对工业与金融领域的影响，以及事件响应计划所涉及的关键要素。为此，本文通过系统评估与监控，基于SolarWinds攻击案例研究，明确了可行的防御安全系统解决方案规范。最后，本文在网络安全卫生对策、常见漏洞与暴露分析及解决方案层面，提出了必要的修复措施。