The recent breaches making headlines is a stark reminder that no organization is immune to cyberattacks. We firmly stand by FireEye and SolarWinds and commend them for their transparency and rapid response to help minimize impact to those affected. Like us, they fight the good fight.
Unfortunately, threat actors believed to be state-sponsored and highly capable, launched an attack against SolarWinds’ supply chain resulting in wide deployment of malware tied to an update of the company’s Orion IT monitoring platform. Another attack, this time targeting cybersecurity vendor FireEye allowed hackers to get away with the company’s red teaming tools used for security testing exercises, that also could be used to hack systems when in the wrong hands.
As details continue to emerge about potential repercussions, Bitdefender wants to ensure customers and partners that its products, services and technologies have not been compromised. Bitdefender Labs, threat intelligence and research team have taken several proactive steps to help ensure its key stakeholders remain protected from any potential fallout now and in the future.
Those actions include the following:
Measures Bitdefender took to ensure its internal operations were not impacted:
An audit of our suppliers, partners, contractors and outsourcers concluded SolarWinds solutions are not incorporated into any products or services we procure.
Although Bitdefender does not use any SolarWinds solutions in its operations, a thorough systems check concluded no indication of compromise from the attack.
We have hardened our environment against specific techniques used in this attack and will continue to fortify through evaluations and tabletop exercises as new information becomes available.
Attacks targeting supply chains are some of the most complicated to mitigate against because usually the threat actors penetrate the environment and tamper with the company’s continuous integration processes, including digital trust and delivery of compromised software updates.
To help businesses strengthen resiliency against supply chain attacks, our security team recommends the following:
Be assured we will continue to support our customers, partners and the security community the best we can from threat actors who work tirelessly to steal data, extort and cause harm.
Bitdefender is a global security technology company that delivers solutions in more than 100 countries through a network of value-added alliances, distributors and reseller partners. Since 2001, Bitdefender has consistently produced award-winning business and consumer security technology, and is a leading security provider in virtualization and cloud technologies. Through R&D, alliances and partnership teams, Bitdefender has elevated the highest standards of security excellence in both its number-one-ranked technology and its strategic alliances with the world’s leading virtualization and cloud technology providers.View all posts
Don’t miss out on exclusive content and exciting announcements!