Recent news of the security breach at network management software firm SolarWinds© is understandably causing much concern. As has been reported, the breach consisted of malicious code being inserted into software updates to SolarWinds' Orion© network monitoring platform. These updates were then pushed globally, potentially creating entry points for further intrusion on affected customers' networks. At this point in time, the information technology industry as a whole is still working on determining the full effect and capabilities of this sophisticated attack.
There are no Hitachi Vantara products that use or include the affected software from SolarWinds. Nonetheless, we strongly urge our customers to assess their risk for vulnerability in light of this news. The following resources are available to aid this, and may contain important information regarding the detection and mitigation of malicious activity stemming from this breach:
• Official Security Advisory from SolarWinds
• Microsoft Security Response Center: Customer Guidance on Recent Nation-State Cyber Attacks
• FireEye Threat Research Analysis