Where Will the SolarWinds Blow Next? - Best Innovation Group > Media > Blog


26 Jan

Where Will the SolarWinds Blow Next?

For a few weeks in December the SolarWinds software breach was big news. Like so many events these days, however, it was soon crowded out of the headlines, which I suspect is just fine with security experts, who prefer to combat these threats outside the glare of attention.

The initial target of the SolarWinds attack appears to have been government systems, which is disturbing in itself. Even more troubling is the possibility of “sleeper cells” having been embedded in thousands of corporate systems (including banks and credit unions, a key SolarWinds vertical), lying in wait for future exploitation. Worst of all, the hackers’ approach, which was ingenious in a sinister way, serves as an “aha moment” for cybercriminals worldwide, opening up a scary new front for the good guys to defend.

On that upbeat note, let’s consider some expert insights that have emerged since the incident receded from the front page.

Words from the Front

As Jeff Olejnik pointed out on our recent BIGCast, SolarWinds’ effect on financial institutions could range from “little to no impact, to quite devastating.” According to the head of Wipfli’s CyberTech practice, not only must credit unions and banks confirm whether they were running SolarWinds’ Orion platform, but they must determine the same for vendors throughout their supply chain. If they were, a forensic investigation of logs (for new users, .dll changes, etc.) is in order, assessing system activity dating back to March 2020, the date of the first incursion, which went undetected for eight months. For the thousands of FIs that likely find themselves in this situation, an ongoing compromise assessment will also be essential.
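As an added example (not code from this article or from any vendor), the log review described above can be expressed as a filter over exported events: keep everything from March 2020 onward and flag account creations and .dll writes for follow-up. The CSV columns, host names, account names and file paths are constructed for illustration and do not reflect a real SIEM schema or any SolarWinds artifact.

```python
import csv
import io
from datetime import datetime, timezone

# Review window opens at the first-incursion date given in the article.
WINDOW_START = datetime(2020, 3, 1, tzinfo=timezone.utc)

# Constructed sample export; column names and values are assumptions.
SAMPLE_LOG = """\
timestamp,host,event,subject,detail
2020-02-11T09:14:00Z,mon01,user_created,it-admin,svc_backup
2020-04-02T03:27:41Z,mon01,file_written,SYSTEM,C:\\Program Files\\ExampleMonitor\\core.dll
2020-04-02T03:31:05Z,mon01,user_created,SYSTEM,svc_upd8
2020-06-18T14:02:10Z,app07,file_written,jdoe,C:\\Users\\jdoe\\report.docx
2020-09-30T22:45:00Z,app07,file_written,patch-svc,C:\\Windows\\Temp\\helper.DLL
2020-11-05T08:00:00Z,app07,user_login,jdoe,interactive
"""

def parse_ts(value):
    """Parse the export's UTC timestamp format into an aware datetime."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def triage(log_text, window_start=WINDOW_START, approved_accounts=frozenset()):
    """Return (time, host, kind, detail) for new users and .dll writes in the window."""
    findings = []
    for row in csv.DictReader(io.StringIO(log_text)):
        when = parse_ts(row["timestamp"])
        if when < window_start:
            continue  # outside the period under investigation
        if row["event"] == "user_created" and row["detail"] not in approved_accounts:
            findings.append((when, row["host"], "new_user", row["detail"]))
        elif row["event"] == "file_written" and row["detail"].lower().endswith(".dll"):
            findings.append((when, row["host"], "dll_change", row["detail"]))
    return sorted(findings)

def hosts_to_review(findings):
    """Group finding kinds by host so analysts can prioritise systems."""
    by_host = {}
    for _when, host, kind, _detail in findings:
        by_host.setdefault(host, []).append(kind)
    return by_host

if __name__ == "__main__":
    for when, host, kind, detail in triage(SAMPLE_LOG):
        print(when.isoformat(), host, kind, detail)
```

Accounts created through a documented change request can be passed in `approved_accounts` so that only unexplained creations remain in the output.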

On BIG’s recent Digital Town Hall, noted cyber expert Jim Stickley (Stickley on Security, Mahalo Banking) estimated that between 18,000 and 33,000 SolarWinds client companies were infected via this breach. As Olejnik points out, that number could quickly escalate if one of those firms had access to partner systems in the period before the malware was removed.

As any fraud professional knows, successful scams involve the exploitation of trust. This is where the SolarWinds incident opened a disturbing new frontier: intruders managed to compromise the defenses of a firm recognized as a leader in system monitoring software. In other words, when SolarWinds (or more specifically its Orion platform) issues an update, clients know it’s important to install it. And since by definition monitoring software requires access across a variety of systems, it’s easy to grasp how widely such malware can spread.

The consensus belief is that a government-sponsored entity is behind this hack (although Stickley is not 100% convinced, as you’ll hear in the above link), which would be consistent with its initial focus on intelligence gathering rather than monetary gain. Even if that remains the primary objective, it’s hardly cause for comfort among banks and credit unions. State actors would relish the ability to erode confidence in the US financial system, which might involve a takedown of system availability or corruption of transaction balances. Until we can confirm any and all malware has been identified and eradicated, sadly any and all of these possibilities remain on the table.

Even if it’s no longer headline news, the ongoing SolarWinds situation should remain on every FI security leader’s radar, and we at BIG will continue to report on developments.

 
