IBTTA Member Notice – SolarWinds Cybersecurity Information

To IBTTA Members

In support of IBTTA’s member companies, the IBTTA Council of Platinum Sponsors (CoPS) sub-committee on Cybersecurity asked that we pass along information they’ve gathered regarding the recent SolarWinds security breach.  Please consider reviewing this information with your system and IT providers to mitigate potential risk.

From the CoPS Sub-Committee:

With the recent events surrounding widely popular products, SolarWinds, the following information may assist in your review of possible vulnerabilities. 

Summary: SolarWinds Orion product is impacted when malicious code is injected into their product, opening a back door to execute jobs and transfer files. The links below provide the list of products affected and those not believed to be involved.

• More information from SolarWinds Security Advisory: https://www.solarwinds.com/securityadvisory

Additional information:

• DHS website: https://cyber.dhs.gov/ed/21-01/
• FireEye: https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html
• Orion Platform: Secure Configuration in the Orion Platform (solarwinds.com).

As we learn more, we will post information here on this page.

All the best for a safe and secure 2021.

Regards,

Patrick D. Jones