In a company blog post, Nikesh Arora, CEO of Palo Alto Networks, writes: "We will soon be talking about this as one of the most serious cyberattacks in history. Tainted updates to SolarWinds Orion software were distributed for months before they were identified, positioning attackers to obtain administrative privileges and establish long-term network access – potential for a complete compromise of an organization by malicious actors. We must come together to defend against an attack of this magnitude."
Also discussed in the posting:
- Palo Alto Networks itself experienced an attempt to download Cobalt Strike on one of its IT SolarWinds servers, but its Cortex XDR instantly blocked the attempt with our Behavioral Threat Prevention capability and our SOC isolated the server.
- Due to the disclosures on December 13, the company has reanalyzed its entire infrastructure extensively one more time to ensure that it has not been compromised.
- Arora remains confident that Palo Alto Networks continues to be secure.
- Palo Alto Networks is now offering a free SolarStorm rapid assessment to determine if customers have been compromised by this threat actor.