October 30, 2023 at 05:56PM
SolarWinds has been charged by the SEC for allegedly hiding cybersecurity issues from investors before the December 2020 APT29 breach. The SEC claims the company failed to disclose the risks and only shared broad information. The SEC also alleges that SolarWinds’ Chief Information Security Officer knew about the vulnerabilities but did not address them. SolarWinds says the charges are misguided and risk hindering industry information-sharing. The breach, orchestrated by APT29, affected multiple US federal agencies.
Meeting Notes Summary:
– The SEC has charged SolarWinds with defrauding investors by concealing cybersecurity defense issues before a December 2020 breach.
– The breach was orchestrated by the Russian threat group APT29, leading to the compromise of multiple U.S. federal agencies.
– SolarWinds allegedly failed to notify investors about cybersecurity risks and only disclosed vague risks.
– SolarWinds’ Chief Information Security Officer, Timothy G. Brown, also faces legal action for knowing about the risks.
– The SEC claims that Brown was aware of vulnerabilities and concerns about future attacks using SolarWinds’ software.
– SolarWinds responded to the SEC charges, calling them improper and arguing for the importance of open information-sharing.
– The Russian hackers breached SolarWinds’ internal systems and trojanized the SolarWinds Orion platform.
– The malicious builds were used to target fewer than 18,000 victims, including Fortune 500 companies and various government agencies.
– Multiple U.S. government agencies confirmed being breached, including the State Department, DHS, Treasury, DOE, and others.