Unfortunate news often calls for a self audit and gut check.  Are you putting all your eggs in one basket?

CISA ISSUES EMERGENCY DIRECTIVE TO MITIGATE THE COMPROMISE OF SOLARWINDS ORION NETWORK MANAGEMENT PRODUCTS

Original release date: December 13, 2020 | Last revised: December 14, 2020
(source: https://www.cisa.gov/news/2020/12/13/cisa-issues-emergency-directive-mitigate-compromise-solarwinds-orion-network)

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) tonight issued Emergency Directive 21-01, in response to a known compromise involving SolarWinds Orion products that are currently being exploited by malicious actors. This Emergency Directive calls on all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately.

“The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks,” said CISA Acting Director Brandon Wales. “Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners—in the public and private sectors—to assess their exposure to this compromise and to secure their networks against any exploitation.”

This is the fifth Emergency Directive issued by CISA under the authorities granted by Congress in the Cybersecurity Act of 2015. All agencies operating SolarWinds products should provide a completion report to CISA by 12pm Eastern Standard Time on Monday December 14, 2020.

###

As if the real wildfires this season weren’t enough, now there are MAJOR cybersecurity fires burning across United States agencies and upwards of 18,000 other SolarWinds customers.  Full reports of the impact of these attacks have not been released or may be a bit fuzzy on details.  It will take some time before anyone really knows.

If you are in this position then it’s time to consider alternatives and redundancy options.  ELM Enterprise Manager is an enterprise class log management solution supporting the largest, airlocked multi-location enterprise down to the single, simple admin small shop, and all varieties in between.

  • Collect all your logs, particularly your security logs, from all your systems.
    • Windows Events, Syslog, SNMP, Flat Files
  • Aggregate, filter and notify based on the activity across your networks.
    • Advanced filtering capabilities allow you to cut through the noise, focus on what matters
  • Securely store your log data for further review.
    • Remote and redundancy options

ELM has been providing real-time monitoring, alerting and reporting solutions to government operations and companies like yours world wide for over 20 years.  It’s not just a workhorse, it’s the Clydesdale of a system or security administrator’s arsenal of tools.

We invite you to explore our product, download an evaluation, see for yourself why ELM has stood the test of time.