IT management software company SolarWinds said that monitoring products it released in March and June of this year may have been surreptitiously tampered with in a highly-sophisticated, targeted and manual supply chain attack by a nation state, Reuters reported.
SolarWinds did not name the tampered monitoring products.
SolarWinds released in June new features to its SolarWinds APM Suite of SaaS-based infrastructure and application performance management (APM) solutions.
The latest updates to the SolarWinds APM suite of products—AppOptics, Pingdom, and Loggly —are designed to provide IT professionals an affordable APM alternative for managing custom applications and the underlying infrastructure in on-premises, hybrid, and cloud-native environments.
Joe Kim has served as the chief technology officer (CTO) of SolarWinds since July 2016. Prior to joining SolarWinds, Joe Kim was the general manager of Hewlett Packard Enterprise (HPE) Company’s Transform business unit from November 2014 to February 2016, and the CTO for HP Software’s Application Delivery Management (ADM) and IT operations management businesses from April 2013 to November 2014.
The statement came as the U.S. intelligence community investigates breaches at several government agencies, including the U.S. Treasury and Department of Commerce. The breach was connected to a previously announced intrusion at cybersecurity firm FireEye by the work of Russians.
SolarWinds serves several US government customers across the executive branch, the military, and the intelligence services. The diversity of SolarWind’s customer base has sparked concern within the U.S. intelligence community that other government agencies may be at risk.
SolarWinds says on its website that its customers include most of America’s Fortune 500 companies, the top 10 U.S. telecommunications providers, all five branches of the U.S. military, the State Department, the National Security Agency, and the Office of President of the United States.
SolarWinds did not directly comment on the security breaches but said it is “acting in close coordination with FireEye, the Federal Bureau of Investigation, the intelligence community, and other law enforcement to investigate these matters. As such, we are limited as to what we can share at this time.”
SolarWinds recently announced its decision to acquire SentryOne, a technology provider of database performance monitoring and DataOps solutions on SQL Server, Azure SQL Database, and the Microsoft Data Platform.
Austin, Texas—based SolarWinds Corporation reported 8.5 percent increase in its revenue to $261 million in its third quarter ended September 30, 2020.
Baburajan Kizhakedath
