Attacks and Vulnerabilities
News
Vendors
Vulnerabilities

Parts of source code leaked in recent Stormshield security breach

February 05, 2021
Parts of source code leaked

Digital infrastructure security company Stormshield announced this week that some parts of its Stormshield Network Security (SNS) source code were leaked. Its teams detected a security breach that led to unauthorized access to a “technical portal used, in particular, by our customers and partners for the management of their support tickets on our products.”

Stormshield, a wholly-owned subsidiary of France-based Airbus CyberSecurity, also revealed that in addition to the parts of source code, personal data and technical exchanges associated with certain accounts “may have been consulted,” the company said in a security advisory. The company has as a precautionary measure reset the passwords of all accounts, and applied additional measures to the portal in order to reinforce its security.

All the activities and technical resources that serve customers and partners are still fully operational, the company said. During the investigations, no failure of the Stormshield solutions was detected.

Affected SNS customers have been informed. “As of today, the in-depth analysis carried out with the support of the relevant authorities has not identified any evidence of illegitimate modification in the code, nor have any of the Stormshield products in operation been compromised,” according to the vendor.

The cybersecurity company has as an additional precautionary measure anticipated the replacement of the trusted certificate that signs and ensures the integrity of the SNS releases and updates. New updates have been made available to customers and partners so that their products can work with this new certificate.

Stormshield’s technical support remains at the disposal of the account owners on the MyStormshield and Stormshield Institute portals to obtain the specific information that concerns them.

Following the confirmation of a security breach by Stormshield, the French National Agency for the Security of Information Systems (ANSSI) issued a security advisory in French.

“Although the incident has no immediate operational impact for its customers, Stormshield has published an update that we recommend that you apply as a precaution,” according to a translation of ANSSI’s statement from SecurityWeek. “Furthermore, for the duration of the investigations and also as a precautionary measure, ANSSI has decided to place the qualifications and approvals of SNS and SNI products under observation,” the translation continued.

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
ASIS Foundation reports on impact of autonomous vehicles on security and technology
ASIS Foundation reports on impact of autonomous vehicles on security and technology
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
RMC
Risk Mitigation Consulting acquires Securicon, boosting cybersecurity and mission assurance offerings
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation
New CGCYBER report warns of cybersecurity risks in marine environment due to network-connected OT systems
New CGCYBER report warns of cybersecurity risks in marine environment due to network-connected OT systems
Ukrainian CERT details malicious plan by Sandworm group to disrupt critical infrastructure facilities
Ukrainian CERT details malicious plan by Sandworm group to disrupt critical infrastructure facilities
DC3, DCSA collaborate to launch vulnerability disclosure program for defense industrial base
DC3, DCSA collaborate to launch vulnerability disclosure program for defense industrial base