DCS Security Advisory to its customers – DCS Is not impacted by the recent supply chain Trojan attack Sunburst which is exploiting the SolarWinds Orion product.
Thousands of global businesses have sadly been impacted by a supply chain attack that compromised the update mechanism for SolarWinds Orion software in order to deliver a backdoor Trojan known as Sunburst (aka Solarigate).
Details on the attacks were first disclosed by the security firm FireEye whose own services were impacted.
Microsoft have subsequently identified numerous of its customers that have installed the Trojan and is now in the process of notifying all of those impacted organizations, 80% of which are located in the United States, with the rest being spread across seven other countries —namely Canada, Mexico, Belgium, Spain, the UK, Israel, and the UAE. Microsoft itself had installed the Trojan on some of their infrastructure.
SolarWinds has published a security advisory for its customers.
For general information regarding the nature of the attack this BBC article is a useful summary.
DCS can confirm that none of our devices or services have been impacted by these SolarWinds breaches.
SolarWinds Orion is not deployed within the DCS infrastructure nor is it used by DCS in service of managed customer devices or customer infrastructure.
Ongoing monitoring of the situation, and our services and infrastructure, will provide our customers and our own supply chain with the confidence that DCS systems remain undisturbed by these recent revelations.
Our dedicated cyber security team are continuing to assess the situation as it evolves to ensure we continue to maintain a secure environment for all of our customers.
Companies in our own supply chain are currently being contacted to confirm their services have, similarly, not been impacted or any impact, such as with Microsoft, has been effectively managed.
In circumstances where customers have themselves opted to utilise any SolarWinds products we strongly recommend reviewing the SolarWinds Security Advisory which is regularly updated.
In addition, customers may wish to review the relevant guidance from the US Cybersecurity and Infrastructure Security Agency (CISA). https://us-cert.cisa.gov/ncas/alerts/aa20-352a