Earlier this week, major news outlets and security sites brought to light a series of nation-state sponsored hacks against United States government agencies. These attacks have been linked to a series of exploits of the SolarWinds® Orion® IT Monitoring Platform.
Sometime in early 2020, a breach of the supply-chain side of the SolarWinds® Orion® IT Monitoring Platform resulted in the introduction of malicious code. Per SolarWinds®, this code has been identified as present in several Orion® builds, starting with version 2019.4 HF5 through 2020.2 HF1.
While this has affected “fewer than 18,000” active installations per SolarWinds®, the impact on the IT industry at large is significant. Orion® is one of the leading IT monitoring platforms, utilized by organizations worldwide.
How does this affect ServerCentral Turing Group (SCTG)?
We have not installed the SolarWinds® Orion® IT Management Platform. We do not utilize the platform in any manner nor are there any current or planned projects that will utilize or rely upon this platform.
What should you do?
If your organization is using the SolarWinds® Orion® IT Management Platform, we urge you to immediately review the CISA ED, located here: https://www.cisa.gov/news/2020/12/13/cisa-issues-emergency-directive-mitigate-compromise-solarwinds-orion-network
The CISA ED advises an immediate shutdown of the SolarWinds® Orion® IT Management Platform and partnering with an organization that conducts incident response to identify the impact.
Our security team has reviewed the CISA ED and is ready to assist in any manner possible.
If you have any questions or concerns regarding this, please direct them to your account manager or contact me directly at firstname.lastname@example.org.