As we near the end of 2021, in the middle of yet another high-profile world wide system vulnerability , we thought it would be good to share with you a document we’ve worked on recently. It’s a long read, but very useful.
Factory IT Response to Recent CISA Cybersecurity Alert
Recently, the high profile cybersecurity firm Fireeye released additional details of an ongoing investigation into an attack and breach of their firm. CISA, the US Cybersecurity & Infrastructure Security Agency, also issued an emergency directive to US Government Agencies to remove certain software and isolate affected machines.
Since the initial disclosure it has been widely reported that multiple US Government agencies, including the US Treasury, NASA and Homeland Security, have been compromised as part of this supply chain attack.
I can confirm that Factory IT has never used or installed the Solarwinds Orion or any Fireeye application on either our own or any client machines. A search of all machines did not find related applications installed on any machine at any client on Dec. 15th.
We have been aware that our tools could be an attack vector and tightened our security significantly in September 2019 in response. We continue to evaluate our security policies and will use this incident to learn and adjust accordingly.
As always, please reach out if something seems amiss or you have concerns, we want to help.