Over the past week, the Federal Bureau of Investigation (FBI), Department of Homeland Security’s (DHS) Cybersecurity & Infrastructure Security Agency (CISA) and the Office of the Director of National Intelligence (ODNI) announced a significant and sustained cyber-attack. CISA issued Emergency Directive 21-01 in response to a known attack against SolarWinds, an American software company that helps businesses manage their networks.
SolarWinds acknowledged a compromise of their Orion software platform. Orion is a suite of networking, IT Operations, and security products integrated into one platform, enabling IT personnel to monitor and manage their IT stack. The Orion platform provides an operator control of their information technology from a centralized console. 1
It is estimated that approximately 18,000 SolarWinds customers installed infected software onto their systems. SolarWinds clients include U.S. federal government department and agencies and many Fortune 500 companies. The FBI has taken the lead to investigate and attempt to fully attribute the attack to a threat actor. Secretary of State Pompeo announced that Russia was behind the attack. CISA directed department and agencies to take immediate action to detect and disrupt identified actors from their networks.
Global Guardian recommends our corporate, nonprofit, and family office clients consult with a cyber security expert to assess their networks in order to detect and disrupt threat actors on their networks.
Global Guardian’s 24/7 Cyber Security Operations Center provides real-time protection to secure corporate and residential networks, including individuals traveling or working from home. Our cyber services are tailored to each client’s security needs. Once a security solution is implemented, we provide constant monitoring and analysis to identify vulnerabilities and potential breaches. On average, our SOC protects clients from 3.8 million potential cyber security events per day.