Cybersecurity and Infrastructure Security Agency issues Emergency Directive 21-01. SolarWinds Orion products are currently being exploited by malicious actors. This is the fifth Emergency Directive issued by CISA under the authorities granted by Congress in the Cybersecurity Act of 2015. CISA urges all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down solarWinds products immediately. All agencies operating Solarwinds products should provide a completion report to CISA by 12pm Eastern Standard Time on Monday December 14, 2020.”]