Palo Alto Networks: SolarStorm Rapid Response

The SolarWinds supply chain attack, which Palo Alto Networks refers to as the SolarStorm attack, is increasingly recognized as one of the most significant cyberattacks in history, due in part to its sheer magnitude. Since its initial report on December 13, 2020, major security vendors and organizations have released details clarifying the events leading up to the initial disclosure. Palo Alto Networks' Unit 42 has conducted research based on publicly available information and on information identified within internal data, and compiled the following timeline:

 
SolarStorm Timeline. For further details on the SolarStorm attack, see Palo Alto’s Unit 42 report.


In order to combat SolarStorm’s wide-reaching, malicious presence, Palo Alto Networks has launched a rapid response program to guide users through this crisis in a time-efficient manner. You can learn more about the program in the data sheet we’ve provided:

 
 

The program involves a free Rapid Assessment for organizations, which reviews any possible exposure to the SolarStorm attack and reports back with the full results within 72 hours. If an exposure is detected, or if the user believes there may be a potential risk, Palo Alto will provide the investigative resources to remediate the situation through their CyberSecure Engagement. Their Engagement program will include a two-month license of both Cortex XDR and Expanse, which have proven to successfully prevent an attempted SolarStorm attack and to promptly deploy IOCs to customer-facing products.

If you are interested in the rapid response program, reach out to our team, who will respond as soon as possible and help you with the procedures for obtaining an assessment or further security assistance.