In a statement issued to Reuters on Sunday, the company said “we strive to implement and maintain appropriate administrative, physical, and technical safeguards, security processes, procedures, and standards designed to protect our customers.Zabbix housekeeper settings Of course, without the housekeeper enabled, no history/events/action data will ever be deleted. SolarWinds executives declined interviews through a spokesperson, who cited an ongoing investigation that now involves the FBI and other agencies. Its value proposition has been around reliability.” “SolarWinds products have always been reliable.
“This is an unimaginable, unfortunate situation,” said Oliver, the research analyst. The SolarWinds board appointed his replacement just a day before FireEye first publicly revealed the hack. SolarWinds’ longtime CEO, Kevin Thompson, had months earlier indicated that he would be leaving at the end of the year as the company explored spinning off one of its divisions. Moody’s Investors Service said Wednesday it was looking to downgrade its rating for the company, citing the “potential for reputational damage, material loss of customers, a slowdown in business performance and high remediation and legal costs”. Its stock has plummeted 23% since the beginning of the week. The compromised product accounts for nearly half the company’s annual revenue, which totaled $753.9m over the first nine months of this year. The breach has caused a crisis for SolarWinds. “We may not know the true impact for many months, if not more, if not ever,” said Kim Peretti, who co-chairs Atlanta-based law firm Alston & Bird’s cybersecurity preparedness and response team.įireEye, without naming any specific targets, has said it has confirmed infections in North America, Europe, Asia and the Middle East, including in the health care and oil and gas industry, and has been informing affected customers around the world. The company earlier this week took down a web page that boasted of dozens of its best-known customers, from the White House, Pentagon and the Secret Service to the McDonald’s restaurant chain and Smithsonian museums. SolarWinds estimated in a financial filing that about 18,000 customers had installed the compromised software, meaning many of them were vulnerable to spy operations at some time this year.
#ORION SOLARWINDS CHANGE MONITORING FULL#
“This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government,” the statement read. In a joint statement issued Thursday evening, the FBI, the Cybersecurity and Infrastructure Security Agency, and the office of the director of National Intelligence described the hack as “significant and ongoing”. But the treasury and commerce departments were confirmed to have been targeted. US government officials have not yet stated which agencies were affected.
FireEye has not publicly blamed that breach on the SolarWinds hack, but it reportedly confirmed that was the case to the tech site Krebs On Security on Tuesday.įireEye described the malware’s dizzying capabilities, from initially lying dormant up to two weeks, to hiding in plain sight by masquerading its reconnaissance forays as Orion activity. The breach was not discovered until the prominent cybersecurity company FireEye, which itself uses SolarWinds, determined it had experienced a breach through the software. The hack began as early as March, SolarWinds admitted, giving the hackers plenty of time to access the customers’ internal workings.
#ORION SOLARWINDS CHANGE MONITORING UPDATE#
The company revealed that hackers snuck a malicious code that gave them remote access to customers’ networks into an update of Orion. On Sunday, SolarWinds alerted thousands of its customers that an “outside nation state” had found a back door into its most popular product, a tool called Orion that helps organizations monitor outages on their computer networks and servers. That dominance, however, has become a liability. “We don’t think anyone else in the market is really even close in terms of the breadth of coverage we have,” he said. There was not a database or an IT deployment model out there to which the company did not provide some level of monitoring or management, he told analysts. On an October earning call, the company’s chief executive Kevin Thompson touted how far it had come since. The firm was founded by two brothers in Tulsa, Oklahoma, ahead of the feared turn-of-the-millennium Y2K computer bug.
0 kommentar(er)
