The cyberattack conducted on SolarWinds last month, leading to compromise around 18,000 organizations, is believed to have been partly enabled by software from JetBrains.
Indeed, after weeks of investigations, the US authority has come to the conclusion that the security breach was of Russian origin. The company JetBrains, founded by Russian software developers, makes software development tools that have been used in SolarWinds’ application build process.
The reports of the investigation are still looking if the software was involved with the security breach. If the software development tool was indeed involved, it probably came from a misconfiguration of the tool.
Yet, they do not suggest that JetBrains was responsible for the hack but most likely that the software security was poor, improperly configured, or vulnerable. This would have then helped the attackers to put their malicious code in the software supply chain.
Hence, JetBrains is not accused of anything and has not been contacted by any government or security agency. The company is ready to cooperate if necessary.
The focus of the investigation remains on whether or not SolarWinds updated its security programs. The security breach led to a malicious library targeting the SolarWinds Orion Platform build system and a vulnerability allowing the malware to be deployed and to a supply chain attack that put a vulnerability into the framework of SolarWinds’ Orion Platform software.
Moreover, it was also announced that the US Department of Justice’s Microsoft Office 365 email system had been compromised as a result of the cyberattack.