As many of you may have read, this past December, there was a major hack targeting the SolarWinds Orion software suite. It was estimated that about 18,000 out of their 300,000 customers were impacted. Many of the customers targeted were U.S. government agencies and large Fortune 500 customers.
The following SolarWinds Orion versions 2019.4 HF5 and 2020.2HF1 were identified as impacted or susceptible to compromise. Newer versions of the platform were not affected and were designed to protect against major hacks like this incident. SolarWinds has strongly suggested all users update to the latest release if they have not.
We want to ensure you that Coretelligent’s data and systems were not impacted and have addressed your following concerns.
For more details about the SolarWinds Orion event, you may reference their security advisory here.
Frequently Asked Questions
To address any client concerns, below are some frequently asked questions we have prepared regarding the SolarWinds cyberattack. We strive to remain transparent when any major outage or hack happens, and our support staff is available to answer any questions you may have.
Q: How was Coretelligent impacted by this security event? Has our organization and/or our personal data experienced any risk?
A: Coretelligent was not impacted by this security event. None of our networks, systems, nor vendors were included in this event, and we have continued to monitor the situation and provide updates to our client base. Your organization and/or personal data remains safe and secure.
Q: Has Coretelligent, at any time, run a compromised version of SolarWinds Orion platform? (This includes versions 2019.4HF5 through 2020.2HF1.)
A: No, Coretelligent does not, and has never, run the SolarWinds Orion platform in our environment.
Q: Have you run a recent security audit of the platforms you utilize using public tools? Did recent audits indicate compromised data?
A: As of January 6, 2021, both the CrowdStrike CRT and the Cybersecurity and Infrastructure Security Agency (CISA) Sparrow tools have been run against the Coretelligent environment. No indicators were found with either tool.
Coretelligent also employs continuous security monitoring for all internal systems and platforms to detect any potential security or anomalous events.
Q: Are we at risk of a cyberattack or attacks from Microsoft and/or the government as part of this event?
A: Based on available information, Coretelligent does not believe there are or have been any specific active threats or risks to customer environments. Neither Coretelligent nor any customer environments were identified to be accessed or compromised as a part of this specific incident. We are continuing to monitor the situation and will communicate additional information as it is received. Microsoft has also released statements saying they have found zero indications customer data was accessed by actors responsible for the SolarWinds cyberattack.
Clients that have concerns regarding their Azure or Microsoft 365 environments can contact our security team to perform additional scans and analysis as needed. Both DHS/CISA and CrowdStrike have free tools designed to detect unusual and potentially malicious activity that could be threatening users and applications in an Azure/Microsoft 365 environment.
We will continue to provide updates as they are received, but we hope you understand Coretelligent was not impacted by the SolarWinds Orion platform cyberattack. If you have any additional questions, we are happy to address them. Our security and support teams are available to help. You can reach us here.