December 20, 2020

SolarWinds: Software Supply Chain Attack

Lookout detects app risks and ensures compliance

With the rich data from our mobile app risk assessments in the Lookout Security Graph, you are able to create app scoring customized to your organization’s governance, risk and compliance requirements. We enable you to understand how apps interact with each other, the geo-location of IP addresses to which an app communicates, if an app has risky or malicious components, and whether the data transfer and storage are encrypted.


The cyberattacks on organizations that were made possible by exploiting a vulnerability in the Solarwinds Orion product are exemplary of a software supply chain attack, in which a backdoor was created in a network management software used by 18,000 organizations. The associated malware has the ability to transfer files, execute files, profile the system, reboot the machine, and disable system services. All traffic was made to look like typical network traffic for a management tool.

Lookout Analysis

Mobile apps could be susceptible to software supply chain attacks, particularly as many of the apps used by employees are not provided or vetted by IT. The cyberattacks enabled by Solarwinds exploit highlight the need to have visibility into everything that touches your corporate infrastructure – especially from third-party vendors.

In the context of mobile, it can be difficult to understand app permissions and how they access, handle, or transfer data on the device. Admins need a way to make informed decisions about whether they permit employees to use specific apps on their devices without invading their privacy.

In addition, it is critical to ensure app updates are performed securely by verifying app certificates to validate they are signed by the same developer as previous versions. It is recommended to always test an app software update from a third-party vendor in a sandbox environment to ensure it is safe for your employees.



Cloud & Endpoint Security

Lookout is a cybersecurity company that makes it possible for tens of millions of individuals, enterprises and government agencies to be both mobile and secure. Powered by a dataset of virtually all the mobile code in the world -- 40 million apps and counting -- the Lookout Security Cloud can identify connections that would otherwise go unseen and predict and stop mobile attacks before they do harm. The world’s leading mobile network operators, including AT&T, Deutsche Telekom, EE, KDDI, Orange, Sprint, T-Mobile and Telstra, have selected Lookout as its preferred mobile security solution. Lookout is also partnered with such enterprise leaders as AirWatch, Ingram Micro, Microsoft, and MobileIron. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto and Washington, D.C.

Threat Type
Entry Type
Threat Guidances
Platform(s) Affected
Threat Guidances

Stop Cyberattacks Before They Start With Industry-Leading Threat Intelligence.