As you may have seen recently reported in the national news, SolarWinds, a software vendor, discovered a supply chain attack that compromised their Orion business software. In turn, this compromise caused their software to distribute malware to their users. The malware permits an attacker to gain access to a user’s network traffic management systems, and the attacker can then leverage this to gain elevated credentials. This compromise was used to target the cybersecurity firm FireEye, as well as multiple U.S. government agencies.
Nexa1 does not use any SolarWinds or FireEye products internally. However, we are following the developments of this news closely and ensuring that we validate our processes and environment as new information becomes publicly available.
The security of our clients, products, our partners, and our partner data is of critical importance, and while we have no evidence to suggest that any of our systems are involved or impacted, below are the following actions we are proactively taking while this cyber event unfolds:
- We will continue to carefully monitor the situation. We have taken actions to blacklist the known indicators of compromise related to the infected files globally.
- Although Nexa1 is not affected by this event, we are considering the impacts to develop our own lessons learned and use it as an opportunity to seek improvements in our processes and controls. Know that your safety is our number one priority, and we will continue to keep you apprised of the situation and other threats as they become known.
As always, if you ever see anything that you suspect may be malicious or fraudulent, please report it immediately to our team at firstname.lastname@example.org.
We will continue to provide updates and information as necessary, and we encourage you to reach out if you have any questions or concerns.
Thank you, The Nexa1 Team