Skip Links
Sector Participants > IESO News > SolarWinds Orion Incident

News and Updates

SolarWinds Orion Incident

January 7, 2021

As reported in various news outlets over the past few weeks, certain versions of SolarWinds’ Orion software, a network management platform, contained a strain of malware named SUNBURST that has affected a wide range of organizations in North America and around the world.   As the IESO does not use this software, it has not been directly impacted by the incident.

Organizations that may have installed the SUNBURST malware are recommended to apply the software patches that have been made available by SolarWinds in order to remediate the malware.

As part of its ongoing work to protect the IESO grid from cyber security threats, however, the IESO is continuing discussions with stakeholders to determine whether this incident may have affected organizations across Ontario’s electricity sector.

As appropriate, the IESO will provide updates on the SolarWinds Orion incident through its Lighthouse cyber security threat intelligence information sharing program. Market participants that do not participate in the IESO Lighthouse program are encouraged to submit their cyber security contact information to to receive any future updates and guidance.

For more information about the SolarWinds incident, please refer to the security advisory from SolarWinds or the alert from the Canadian Centre for Cyber Security.


< Back to IESO News