TMCnet News
Incident Response to SolarWinds Orion Software Compromise for SMEsSCOTTSDALE, Ariz., March 01, 2021 (GLOBE NEWSWIRE) -- In early December 2020, it was revealed that a state-sponsored cyber attack had been launched through a supply chain compromise of the SolarWinds' Orion monitoring software, initially affecting FireEye, a cybersecurity company. The cyber threat worked by inserting a backdoor, known as Sunburst, into the software to enable hackers to remote control the SolarWinds platform and use it to exfiltrate sensitive data from private-sector businesses, organizations, and government agencies. The attacks appear to have started in September 2019 and were discovered almost a year later. More recently, it was learned that a separate, unconnected attack -- also believed to be state-sponsored -- was launched at the same time on certain government payroll systems. Now, others have been attacked. While SolarWinds announced it has patched the vulnerabilities, investigations into the incidents are ongoing, especially in light of additional attacks via Microsoft 365 and the Azure cloud environment. "These hacks present ongoing risks to businesses and organizations, with the potential to compromise networks, employee and consumer data, and intellectual property," said Chris Clements, vice president, solutions architecture, Cerberus Security Officer, Cerberus Sentinel. "Small and mid-sized enterprises (SMEs) can be particularly vulnerable, often operating with smaller staffs and limited budgets." Cerberus Sentinel Corporation (OTC: CISO), a cybersecurity consulting and managed services firm based in Scottsdale, Ariz., reinforces the need for all organizations to be vigilant in keeping their cybersecurity defenses up to date. Specifically, the company offers the following counsel to SMEs to ensure protection against exploitation of mission-critical operations, resources, and software by the SolarWinds attack. Questions for IT Teams
If infected versions of SolarWinds are detected, enact the organization’s incident response plan but at a minimum:
What to do:
Are you prepared for the next SolarWinds style supply chain attack from other vendors?
For additional information, contact Cerberus Sentinel advisors at https://www.cerberussentinel.com, 480-389-3444 About Cerberus Sentinel Cerberus Sentinel is a U.S. provider of consulting and managed services, focused solely on cybersecurity. The company seeks to expand by acquiring world-class cybersecurity talent and utilizes the latest technology to create innovative solutions that protect the most demanding businesses and government organizations against continuing and emerging security threats. Safe Harbor Statement This news release contains forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. Statements including words such as "believes," "expects," "anticipates," "intends," "estimates," "plan," "will," "may," "look forward," "intend," "guidance," "future" or similar expressions are forward-looking statements. Because these statements reflect Cerberus Sentinel's current views, expectations and beliefs concerning future events, these forward-looking statements involve risks and uncertainties. Investors should note that many factors, as more fully described under the caption "Risk Factors" and elsewhere in Cerberus Sentinel's Form 10-K, Form 10-Q and Form 8-K filings with the Securities and Exchange Commission and as otherwise enumerated herein, could affect Cerberus Sentinel's future financial results and could cause actual results to differ materially from those expressed in such forward-looking statements. The forward-looking statements in this press release are qualified by these risk factors. These are factors that, individually or in the aggregate, could cause the Cerberus Sentinel's actual results to differ materially from expected and historical results. You should not place undue reliance on any forward-looking statements, which speak only as of the date they are made. We assume no obligation to publicly update any forward-looking statements, whether as a result of new information, future developments or otherwise. Contact: Cathy Morley Foster |