The nature of the breach and the fact that SolarWinds tools are used by tens of thousands of organisations globally (either directly or through an IT partner) to manage their technology environments have provided the cyber threat actors (suspected, in this case, to be a Russian state-sponsored Advanced Persistent Threat (APT) group known as ‘Cozy Bear’) with a level of access to such organisations’ networks rarely seen before (if ever).
The scale of the impact and the depth of reach of this attack renders it one of the most serious cyber incidents of all time.
All FORTIFIED IT customers can be assured…
- FORTIFIED IT do not have any SolarWinds products deployed within our technology environment.
- We promptly initiated a software audit of all machines we manage on behalf of our clients and can confirm that just a single instance of any SolarWinds product was found.
- Follow up investigation revealed:
  - The product was installed by an internal IT resource (directly employed by the client);
  - The product was actually no longer in use; and,
  - FORTIFIED immediately removed the product and advised the affected client accordingly.
- FORTIFIED reached out to all our product vendors and have confirmed that none use any affected SolarWinds software.
In brief, we’ve taken all reasonable steps to ensure you are not affected by this most serious breach, either by our actions, those of our vendors, or indeed your own, and will continue to monitor this situation closely. As the fallout from this breach unfolds, we will be following all suggested best practice and vendor guidance to ensure that you are protected and, as ever, remain FORTIFIED.
Unfortunately, breaches are now simply a reality…
…and, regardless of the countermeasures employed to minimise risk as far as possible, one which we will all face at some point, likely repeatedly over the years. Supply chain attacks, however, are becoming more common and can be the most devastating. It is for this reason that we at FORTIFIED maintain as few vendor relationships and toolsets as practicably possible, and why those vendors are robustly managed in relation to data security and privacy risk.
Those customers who benefit from our 24×7 Managed SOC (Security Operations Centre) and Advanced Endpoint Protection services are largely insulated from these types of threats due to the nature of the protection such services provide. If you’re unsure about this, please feel free to reach out.
Hopefully this message has gone some way to alleviating any fears you may have had around this incident and your potential exposure. Should you have any questions, please do not hesitate to get in touch and we’ll be happy to discuss further…
We’re here to help!