The DHS Cybersecurity and Infrastructure Agency (CISA) has issued an updated alert for widespread cyber exploitation of the SolarWinds software platform. This intrusion achieves broad penetration and long-term undetected presence in victim networks, allowing for exfiltration of victim data.
Please note: CISA has recently determined that the SolarWinds Orion supply chain compromise is not the only initial infection vector being leveraged.
EPA wants to ensure that all members of the Water and Wastewater Systems sector are aware of this alert so that they can execute the recommended mitigation procedures. Please see this website for more information:
If you suspect your infrastructure has been compromised, please contact the CISA Cyber Liaison (firstname.lastname@example.org) immediately. CISA is advising entities not to disclose any details regarding a suspected compromise when contacting them via email. Upon receiving email correspondence, CISA will work with the reporting entity to establish out-of-band communication to discuss further.