topic Re: SolarStorm attack - Share your thoughts in General Topics

SolarStorm attack - Share your thoughts

agalindo — Tue, 05 Jan 2021 20:53:12 GMT

Hi everyone, we know there is a lot of news about the SolarWinds supply chain attack (SolarStorm Attack), and we want to let you know that we are here to help and want to make sure you have all the resources and information you need.

We put together a blog sharing all the different ways Palo Alto Networks can help you navigate during this time. Learn about the upcoming Linkedin Live series where Palo Alto Networks leaders and industry experts will be talking about how to assess your exposure in the wake of the SolarStorm attack. We guide you through all of the information here.

Re: SolarStorm attack - Share your thoughts

Brandon_Wertz — Tue, 22 Dec 2020 18:01:16 GMT

I'm surprised more of these attacks haven't occurred or at least been detected. Last year I went to an ICS security conference in Atlanta and sat through a briefing on this very topic. A company Adolus had been working with the DHS under a SVIP project to develop protections in the ICS / IoT space against supply chain attacks. It basically involves embedding some sort of visibility within a vendor directly monitoring suppliers directly within their core private networks. Under this project there's an attempt to create a trust within the larger global supply chain ecosystem.

The brief really got me excited and hopeful that something like this could be used to prevent such attacks, but it only works if you have vendor involvement, or if the government mandates it. There have been other successful supply chain attacks in the past (Rockwell / Dragonfly) nothing as large as Solarwinds, but there's still an obvious need to better protect our supply chain.

Re: SolarStorm attack - Share your thoughts

agalindo — Wed, 23 Dec 2020 18:51:35 GMT

Hi everyone! Wanted to let you all know there are some upcoming webinars that Unit 42 is hosting around the SolarStorm Attack! Ryan Olson, VP of Threat Intelligence here at Palo Alto Networks, will share some countermeasures you can take today to help protect your organization. He will also cover information about the Palo Alto Networks Response program and how it can help your organization assess and remediate risks related to SolarWinds. Find all upcoming webinars and registration information here.

Re: SolarStorm attack - Share your thoughts

dtran — Wed, 23 Dec 2020 19:08:08 GMT

I heard that even PAN got hacked as well because it is using Solarwinds in its environment.

Re: SolarStorm attack - Share your thoughts

Brandon_Wertz — Thu, 24 Dec 2020 16:48:28 GMT

@dtran wrote:

I heard that even PAN got hacked as well because it is using Solarwinds in its environment.

Well considering "...including more than 425 of the companies listed on the Fortune 500 as well as the top 10 telecom operators in the United States." it wouldn't surprise me if Palo Alto might have been running the affected software. Further just because a company might have been running Orion doesn't mean they had deployed the vulnerable software versions.

That listing of 425 companies was more likely just a listing of "customers" and not necessarily customers running affected software versions.

Re: SolarStorm attack - Share your thoughts

jdelio — Wed, 30 Dec 2020 17:13:28 GMT

@dtran wrote:

I heard that even PAN got hacked as well because it is using Solarwinds in its environment.

@dtran , If you read what Nikesh wrote here: https://blog.paloaltonetworks.com/2020/12/solarwinds-statement-solarstorm/

There was an attempt, but it was stopped with Palo Alto Networks Cortex XDR.

Re: SolarStorm attack - Share your thoughts

agalindo — Thu, 21 Jan 2021 16:07:39 GMT

Hello everyone! Just wanted to come on here and provide a quick update regarding the Unit 42 SolarStorm webinar briefings that were held last month. We recognize that some of you may not have been able to attend, so we want to share the on-demand link, which can be found here.

Re: SolarStorm attack - Share your thoughts

Martin312 — Mon, 22 Feb 2021 07:03:03 GMT

@FaceTime PC wrote:
Hi everyone, we know there is a lot of news about the SolarWinds supply chain attack (SolarStorm Attack), and we want to let you know that we are here to help and want to make sure you have all the resources and information you need.

We put together a blog sharing all the different ways Palo Alto Networks can help you navigate during this time. Learn about the upcoming Linkedin Live series where Palo Alto Networks leaders and industry experts will be talking about how to assess your exposure in the wake of the SolarStorm attack. We guide you through all of the information here.

The brief truly got me energized and cheerful that something like this could be utilized to forestall such assaults, yet it possibly works in the event that you have merchant contribution, or if the public authority orders it. There have been other fruitful inventory network assaults before (Rockwell/Dragonfly) nothing as extensive as Solarwinds, however there's as yet an undeniable need to more readily ensure our store network.