Autodesk сообщила, что ее затронула атака на цепочку поставок SolarWinds
Autodesk сообщила в отчете QUARTERLY REPORT PURSUANT TO SECTION 13 OR 15(D) OF THE SECURITIES EXCHANGE ACT OF 1934 For the quarterly period ended July 31, 2021 для Комиссии по ценным бумагам и биржам США, что нашумевшая атака на цепочку поставок SolarWinds ее также затронула
Согласно документу, злоумышленники заразили один из серверов Autodesk вредоносным ПО Sunburst (Solorigate). По словам представителя Autodesk, скомпрометированный сервер был обнаружен 13 декабря 2020 года и немедленно изолирован от сети. Проведенный анализ показал, что сервер содержал только бэкдор, никакого другого вредоносного ПО обнаружено не было.
Как отметили в компании, инцидент не затронул «операции клиентов и продукты Autodesk».
О масштабной атаке на цепочку поставок SolarWinds стало известно в начале декабря минувшего года. В результате взлома сетей SolarWinds вредоносное обновление для платформы Orion установили 18 тыс. организаций. В частности, вредоносное ПО было обнаружено в сетях Министерства финансов США, Управления телекоммуникаций и информации (NTIA) Министерства торговли США, Министерства внутренней безопасности США , ИБ-компании FireEye , корпорации Microsoft , Минэнерго США и пр.
Hackers regularly have targeted our systems, offerings, services, and applications, and we expect them to do so in the future. Security incidents could disrupt the proper functioning of our systems, solutions, or services; cause errors in the output of our customers’ work; allow unauthorized access to sensitive data or intellectual property, including proprietary or confidential information of ours or our customers; or cause other destructive outcomes. The risk of a security incident, particularly through cyber attack or cyber intrusion, including by computer hackers, foreign governments, and cyber terrorists, has increased as the number, intensity, and sophistication of attempted attacks and intrusions from around the world have increased. These threats include identity theft, unauthorized access, DNS attacks, wireless network attacks, viruses and worms, advanced persistent threat (APT), application-centric attacks, peer-to-peer attacks, phishing, malicious file uploads, backdoor trojans, and distributed denial of service (DDoS) attacks. For example, in December 2020 it was widely reported that SolarWinds, an information technology company, was the subject of a cyberattack that created security vulnerabilities for thousands of its clients. We identified a compromised SolarWinds server and promptly took steps to contain and remediate the incidents. While we believe that no customer operations or Autodesk products were disrupted as a result of this attack, other, similar attacks could have a significant negative impact on our systems and operations. In addition, third parties may attempt to fraudulently induce our employees, vendors, partners, or users to disclose information to gain access to our data or our users’ data and there is the risk of employee, contractor, or vendor error or malfeasance. This existing risk is compounded given the COVID-19 pandemic and the resulting shift to workfrom-home arrangements for a large population of employees and contractors. Despite efforts to create security barriers to such threats, it is impossible for us to entirely eliminate these risks. If any of the foregoing security incidents were to occur or to be perceived to have occurred, our reputation may suffer, our competitive position may be diminished, customers may stop paying for our solutions and services, we could be required to expend significant capital and other resources to evaluate and alleviate the security incident and to try to prevent further or additional incidents, and we could face regulatory inquiry, lawsuits, and potential liability. We could incur significant costs and liabilities, including due to litigation, indemnity obligations, damages for contract breach, penalties for violation of applicable laws or regulations, and costs for remediation and other incentives offered to customers or other business partners in an effort to maintain business relationships after a breach, and our financial performance could be negatively impacted.