Tuesday, December 22, 2020
By Fuel HQ
On December 13th, SolarWinds announced that hackers had inserted malware into a service that provides software updates for its Orion platform. Palo Alto Networks has quickly responded with a number of resources to help navigate SolarStorm attack, the name they assigned to the recent campaign of attacks connected to a suspected nation state actor behind the SolarWinds SUNBURST malware.
Below is a roundup of resources that the Fuel community can access online.
December 23 Webinar With Unit 42
Palo Alto Networks will host an informative webinar session on Wednesday, December 23rd at 9 a.m. ET with Ryan Olson, leader of Palo Alto Networks Unit 42 Threat Research team. The discussion will include:
- What effective countermeasures you can take today to help protect your organization
- What we currently know about the attack
- What Palo Alto Networks is offering to help its customers in the spirit of its mission, which is to protect the community's digital way of life
Rapid Response Program
To support customers at this challenging time, the Cortex team at Palo Alto Networks developed a SolarStorm rapid response program. In addition to blog posts, videos and more, this program includes:
- A free SolarStorm Rapid Assessment: The team will help you locate the at-risk servers owned by your organization and assess whether you’ve been compromised. After the analysis is complete, you’ll be provided with a SolarStorm Assessment Report brought to you by Expanse and Crypsis.
- A SolarStorm Cybersecure Engagement: If you think you are exposed, you can be directly engaged with an expert team dedicated to this program, for a full investigation and remediation of the incident. This includes 200 Crypsis IR hours, two months of Expanse and two months of Cortex XDR.
Blog posts, articles and additional resources can also be found online from trusted sources here:
- “Palo Alto Networks Rapid Response: Navigating the SolarStorm Attack,” an update from Palo Alto Networks CEO Nikesh Arora
- “Threat Brief: SolarStorm and SUNBURST Customer Coverage,” by Unit 42
- “SUPERNOVA: A Novel .NET Webshell,” by Unit 42
- A breakdown for specific technologies and recommended steps from Unit 42:
- “Cortex XSOAR for SolarStorm Breach Rapid Response,” by Jane Goh of Palo Alto Networks
More to Explore
Check out these Fuel blog posts for further reading: