Security News

Following a significant security incident that sent shockwaves through the global cybersecurity community, SolarWinds has hired a newly formed cybersecurity consulting firm founded by Chris Krebs, former director of the U.S. Cybersecurity and Infrastructure Security Agency and Alex Stamos, former security chief at Facebook and Yahoo. Generically named the Krebs Stamos Group, its website currently shows limited information about the firm, saying its goal is to "Help organizations turn their greatest cybersecurity challenges into triumphs."

An investigation has been launched into the impact of the SolarWinds breach on the computer systems used by federal courts in the United States, which reportedly represented a target of interest to the hackers. The Administrative Office of the U.S. Courts said an investigation was launched in mid-December after the Cybersecurity and Infrastructure Security Agency issued an emergency directive instructing all federal agencies to immediately analyze their systems for evidence indicating that they may have been targeted through the Orion monitoring tool developed by SolarWinds.

Obscure software packages can have hidden vulnerabilities that affect the security of these networks, and sometimes the entire Internet. Any system for acquiring software needs to evaluate the security of the software and the security practices of the company, in detail, to ensure they are sufficient to meet the security needs of the network they're being installed in.

The Administrative Office of the U.S. Courts has revealed on Wednesday that it is investigating whether sealed U.S. court records had been accessed by the SolarWinds attackers. The AO is now working with the Department of Homeland Security "On a security audit relating to vulnerabilities in the Judiciary's Case Management/Electronic Case Files system that greatly risk compromising highly sensitive non-public documents stored on CM/ECF" and has announced new security procedures to protect highly sensitive confidential documents filed with the courts.

The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the Administrative Office of the U.S. Courts. "The AO is working with the Department of Homeland Security on a security audit relating to vulnerabilities in the Judiciary's Case Management/Electronic Case Files system that greatly risk compromising highly sensitive non-public documents stored on CM/ECF, particularly sealed filings," the agency said in a statement published Jan. 6.

The Administrative Office of the U.S. Courts is investigating a potential compromise of the federal courts' case management and electronic case files system which stores millions of highly sensitive and confidential judiciary records. US Judiciary is also working on immediately adding extra safeguards and security procedures to protect the highly sensitive court documents filed with the courts.

Cybersecurity companies and U.S. intelligence agencies are investigating the possible role played by a product from JetBrains in the recently discovered SolarWinds hack, according to reports. The New York Times and Reuters reported on Wednesday that cybersecurity experts and government agencies are trying to determine whether the hackers that targeted SolarWinds may have abused software created by JetBrains to achieve their goal.

JetBrains' CEO, Maxim Shafirov, denied reports from multiple news outlets that the company played a role in the SolarWinds supply chain attack. TeamCity, a continuous integration and deployment system used for unit testing and code quality analysis, is the JetBrains product that officials are reportedly looking into as a potential attack vector used by the SolarWinds hackers.

The U.S. Department of Justice on Wednesday became the latest government agency in the country to admit its internal network was compromised as part of the SolarWinds supply chain attack. "On December 24, 2020, the Department of Justice's Office of the Chief Information Officer learned of previously unknown malicious activity linked to the global SolarWinds incident that has affected multiple federal agencies and technology contractors, among others," DoJ spokesperson Marc Raimondi said in a short statement.

The SolarWinds security breach disclosed last month, which US authorities believe was of Russian origin and led to the compromise of at least 18,000 organizations, may have been enabled in part by software from JetBrains. One of these, build management and continuous integration system TeamCity, is used by SolarWinds as part of its application build process.