Czech software development firm JetBrains today released a statement denying reports from the New York Times and the Wall Street Journal alleging that JetBrains was being investigated for possibly being involved in the SolarWinds crash that affected thousands of companies around the world. has.
The reports, citing government sources, said U.S. officials were looking at a scenario where Russian hackers breached JetBrains and then launched attacks on its customers, one of which was SolarWinds.
In particular, investigators believe that hackers operated a JetBrains product called TeamCity, a CI / CD server (continuous integration / continuous development), which is used to assemble components in the final software app into a process known as ‘building’.
But in a blog post published today, JetBrains CEO Maxim Shafirov said the Czech company was unaware that it was being investigated for its role in infringing on SolarWinds.
“SolarWinds is one of our customers and uses TeamCity, which is a continuous integration and deployment system, used as part of the asset building software,” Shafirov said.
“SolarWinds did not contact us with any details regarding the infringement,” he added.
“Secondly, no government or security agency has contacted us regarding this matter, nor are we aware that we are investigating. If such an investigation is conducted, the authorities can count on our full cooperation.”
However, the CEO of JetBrains, a Russian citizen, did not rule out the possibility that his product could have been abused in the SolarWinds hack.
“It is important to emphasize that TeamCity is a complex product that requires proper configuration. If TeamCity has been used in this process in any way, it could very well be due to incorrect configuration and not a specific vulnerability, “said the executive officer.
However, the two reports are also not very clear about the alleged breach of JetBrains. As Stefan Soesanto, Senior Cyber Defense Researcher at the Center for Security Studies at the Swiss Federal Institute of Technology (ETH) in Zurich, pointed out on Twitter earlier today, more details need to be clarified before any blame on JetBrains’ role in the SolarWinds hack.
WSJ: Access to TeamCity Server Using SolarWinds
(enable supply chain attack against SolarWinds)NYT: TeamCity software compromised
(enabling supply chain attacks against countless JetBrains customers)Which one is it ????
– Stefan Soesanto (@iiyonite) 6 January 2021
Updated at 10:20 PM ET. An original version of this article claims that JetBrains is being investigated as the origin of the SolarWinds hood. ZDNet regrets the mistake.