Redact your public SolarWinds product review, you’re a target!

SolarWinds customers need digital footprint awareness

Being proactive in understanding your organization and its personnel’s digital footprints is part of a process known as intelligence-driven defense (IDD). It is important to know what a threat actor is collecting about your personnel and organization. As a SolarWinds customer, knowing what information is out there from a threat actor’s perspective will help your team understand where potential weaknesses lie and how to be ready in case an attacker attempts to exploit those weaknesses. More importantly, there are many tactics security teams can employ to make threat actors work a lot harder and slow them down.

solarwinds product review overshare

Oversharing makes threat actors jobs easier

A lot of information is overshared on social media – in this case, we’re discussing technology product reviews. Threat actors (scammers, hackers, and others) who are targeting your organization are always trying to acquire exploitable information. Reconnaissance is where any given attacker is most likely to spend the majority of his or her time. After all, most cyber attacks begin as some form or other of social engineering or intelligence gathering, thus requiring the attacker to collect and analyze detailed information on his targets to gain access to their systems.

Once an attacker has decided on a target, they cannot blindly launch an attack. First, they must understand the type of systems employed by the individual or organization (Technical), the personnel at the organization (People), and the organization itself (Organizational). At this point, he or she must analyze this information to determine weaknesses. Social media product reviews are a intelligence rich environment to gather this open-source intelligence (OSINT).

Technical information from OSINT comes in different forms

Technical information gathering is, well, just that – gathering information on an organization’s technical resources. This includes active scanning, passive scanning, determining 3rd party infrastructure, understanding domain and IP address spaces, enumerating network trust dependencies, building email address formats, identifying defensive capabilities, and collecting technology usage patterns. This also applies to technical information that can be derived from social media intelligence. Organizations should understand quality open source intelligence can be gathered from technology product reviews.

Mitre ATT&CK Framework

Read more about the Mitre PRE ATT&CK

solarwinds product review overshare

You may be exposed as a result of a product review

The DigitalStakeout team has discovered a troubling amount of product reviews that attribute SolarWinds customers’ details that can be collected exploited by nefarious actors and other third parties. In many cases, these are public-facing reviews that contain the exact name, title, and description of how SolarWinds is deployed in an environment. This type of information is unnecessary exposure to your organization. It’s DigitalStakeout’s recommendation SolarWinds customers impacted by the compromise should remove any attributable technology product reviews immediately.

Use DigitalStakeout Scout to detect digital risk and exposures

Organizations should use DigitalStakeout Scout to monitor and detect digital footprint and exposures. DigitalStakeout will help you understand how to take steps to reduce your digital exposure in a manner that does not prohibit your employees and organization to thrive in a digital driven world and economy. Reviews are great and they are needed in the marketplace. However, they should be done on sites in ways that don’t create unnecessary risk to your organization in the process. If you need immediate help with this concern, please contact us and a member of our team will get back to you ASAP.