Tag Archive for: SolarWinds

SolarWinds Hit With Del. Derivative Suit Over Sunburst Hack


By Katryna Perera (November 5, 2021, 7:55 PM EDT) — Current and former directors of information technology company SolarWinds have been hit with a stockholder derivative suit in Delaware’s Chancery Court over claims they were at fault for the massive hack and data breach that affected governments and private businesses around the globe last year.

The complaint filed by shareholders Thursday states the suit is in response to the directors’ “utter failure to implement or oversee any reasonable monitoring system concerning … cybersecurity risks fundamental to SolarWinds’ only line of business.”

These failures, the shareholders claim, led to one of the most devastating cyberattacks in U.S. history, which has since been…


New York Department Of Financial Services Questions Its Regulated Entities On Responses To And Lessons Learned From The SolarWinds Cyberattack – Technology


In December 2020, a cybersecurity company alerted the world to a major cyberattack against the U.S. software development company, SolarWinds, through the company’s Orion software product (“SolarWinds Attack”). The SolarWinds Attack went undetected for months, as it has been reported that the hackers accessed the source code for Orion as early as March 2020. Orion is widely used by companies to manage information technology resources, and according to SolarWinds’ Form 8-K filed with the Securities and Exchange Commission, SolarWinds had 33,000 customers that were using Orion as of December 14, 2020.

It is alleged that the SolarWinds Attack was one part of a widespread, sophisticated cyber espionage campaign by Russian Foreign Intelligence Service actors which focused on stealing sensitive information held by U.S. government agencies and companies that use Orion. The hack was perpetrated through SolarWinds sending its customers routine system software updates. SolarWinds unknowingly sent out software updates to its customers that included the hacked code, which allowed the hackers to access customers’ information technology and install malware that helped them to spy on SolarWinds’ customers, including private companies and government entities, thereby exposing up to 18,000 of its customers to the cyberattack.

The New York Department of Financial Services (“DFS”) alerted DFS-regulated entities of the SolarWinds Attack on December 18, 2020 through the “Supply Chain Compromise Alert.” The Supply Chain Compromise Alert included guidance from the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, SolarWinds, and other sources, and reminded the regulated entities of their obligations under the New York Cybersecurity Regulation (“Cybersecurity Regulation”), adopted in 2017, which requires DFS-regulated entities, including New York banks, insurance companies and producers and other financial services firms, to develop a comprehensive cybersecurity program, implement specific cybersecurity controls, assess cybersecurity risks posed by third-party service providers, and notify the DFS of “cybersecurity…


SLSA Adoption Would’ve Muted SolarWinds Hack


Adoption of Google Cloud’s Supply-chain Levels for Software Artifacts (SLSA) security framework would have protected organizations from the SolarWinds cyberattack by alleged Russia-backed hackers, according to CEO Thomas Kurian.

The software supply chain is a vector of threats that other cloud providers had not anticipated, Kurian said.

“We had anticipated that,” Kurian said in an exclusive CRN interview ahead of the Google Cloud Next ’21 conference that started today. “Not only did we build the technology in a secure way, but we’re now making it available to customers to use in a secure way. We have now taken that framework and, working with NIST (the U.S. Department of Commerce’s National Institute of Standards and Technology), are making it available to the entire software industry, because that framework would have protected against SolarWinds.”

Pronounced “salsa,” SLSA is a source-to-service security framework for ensuring the integrity of software artifacts by helping to protect against unauthorized changes to software packages throughout the software supply chain. It’s based on Google’s internal Binary Authorization for Borg (BAB), a deploy-time enforcement check designed to minimize insider risk by ensuring that production software and configuration deployed at Google is properly reviewed and authorized, especially if that code has the ability to access user data. Google has been using BAB since 2013 and requires it for all of its production workloads.

The SolarWinds hack, which ensnared Microsoft and breached U.S. federal government agencies and private sector companies, first was detected last December. Suspected Russian intelligence attackers injected malicious code into Austin, Texas-based SolarWinds’ Orion network monitoring platform that was downloaded into as many as 18,000 of its customers’ computer networks. Last month, Microsoft said the hackers behind SolarWinds also had developed a backdoor that exfiltrates sensitive information from compromised Microsoft Active Directory Federation Services servers.

Kurian pointed to both the increasing number of cybersecurity threats and the variations of those threats.

“A year ago, if somebody…


Russian hackers behind SolarWinds hack trying to infiltrate US and European government networks



The Russian hackers behind a successful 2020 breach of US federal agencies have in recent months tried to infiltrate US and European government networks, cybersecurity analysts tracking the group told …
