


Where Will the SolarWinds Blow Next?

For a few weeks in December the SolarWinds software breach was big news. Like so many events these days, however, it was soon crowded out of the headlines, which I suspect is just fine with security experts, who prefer to combat these threats outside the glare of attention.

The initial target of the SolarWinds attack appears to be government systems, which is disturbing in itself. Even more troubling is the possibility of “sleeper cells” having been embedded in thousands of corporate systems (including banks and credit unions, a key SolarWinds vertical), lying in wait for future exploitation. Worst of all, the hackers’ approach, which was ingenious in a sinister way, serves as an “aha moment” for cybercriminals worldwide, opening up a scary new front for the good guys to defend.

On that upbeat note, let’s consider some expert insights that have emerged since the incident receded from the front page.

Words from the Front

As Jeff Olejnik pointed out on our recent BIGCast, SolarWinds’ effect on financial institutions could range from “little to no impact, to quite devastating.” According to the head of Wipfli’s CyberTech practice, not only must credit unions and banks confirm whether they were running SolarWinds’ Orion platform, but they must determine the same for vendors throughout their supply chain. If they were, a forensic investigation of logs (for new users, .dll changes, etc.) is in order, assessing system activity dating back to March 2020, the date of the first incursion, which went undetected for eight months. For the thousands of FIs that likely find themselves in this situation, an ongoing compromise assessment will also be essential.
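One way to start the review described above, as an added example that is not from the original post or from any vendor tooling: it filters an exported Windows Security log for account-creation events since March 2020 and compares every DLL under a directory against a known-good hash baseline. The CSV column names, the sample rows and the baseline format are assumptions made for illustration.

```python
import csv, hashlib, io, os
from datetime import datetime, timezone

WINDOW_START = datetime(2020, 3, 1, tzinfo=timezone.utc)  # "March 2020" in the article
ACCOUNT_CREATED = "4720"  # Windows Security log: "A user account was created"

# Constructed sample of an exported Security log (column names are assumptions).
SAMPLE_EVENTS = """TimeCreated,EventID,TargetUserName,SubjectUserName
2020-01-14T09:02:11+00:00,4720,jdoe,hr-admin
2020-04-02T03:17:45+00:00,4720,svc_backup2,SYSTEM
2020-04-02T03:18:02+00:00,4732,svc_backup2,SYSTEM
2020-09-21T15:40:00+00:00,4720,asmith,hr-admin
"""

def new_accounts(events_csv, since=WINDOW_START):
    """Account-creation events at or after the start of the review window."""
    hits = []
    for row in csv.DictReader(io.StringIO(events_csv)):
        when = datetime.fromisoformat(row["TimeCreated"])
        if row["EventID"] == ACCOUNT_CREATED and when >= since:
            hits.append((row["TimeCreated"], row["TargetUserName"], row["SubjectUserName"]))
    return hits

def dll_changes(root, baseline, since=WINDOW_START):
    """Compare every .dll under root with a known-good {relative path: sha256} baseline.

    The hash decides whether a file is reported; the timestamp is only context,
    because file times can be altered by whoever wrote the file.
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".dll"):
                continue
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if baseline.get(rel) == digest:
                continue  # matches the known-good copy
            status = "modified" if rel in baseline else "not in baseline"
            mtime = datetime.fromtimestamp(os.path.getmtime(path), timezone.utc)
            findings.append((rel, status, mtime >= since))
    return sorted(findings)
```

Each finding is a lead for an analyst to follow up, not a verdict; the baseline has to come from media or backups that predate the review window.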

On BIG’s recent Digital Town Hall, noted cyber expert Jim Stickley (Stickley on Security, Mahalo Banking) estimated that between 18,000 and 33,000 SolarWinds client companies were infected via this breach. As Olejnik points out, that number could quickly escalate if one of those firms had access to partner systems in the period before the malware was removed.

As any fraud professional knows, successful scams involve the exploitation of trust. This is where the SolarWinds incident opened a disturbing new frontier: intruders managed to compromise the defenses of a firm recognized as a leader in system monitoring software. In other words, when SolarWinds (or more specifically its Orion platform) issues an update, clients know it’s important to install it. And since by definition monitoring software requires access across a variety of systems, it’s easy to grasp how widely such malware can spread.

The consensus belief is that a government-sponsored entity is behind this hack (although Stickley is not 100% convinced, as you’ll hear in the above link), which would be consistent with its initial focus on intelligence gathering rather than monetary gain. Even if that remains the primary objective, it’s hardly cause for comfort among banks and credit unions. State actors would relish the ability to erode confidence in the US financial system, which might involve a takedown of system availability or corruption of transaction balances. Until we can confirm any and all malware has been identified and eradicated, sadly any and all of these possibilities remain on the table.

Even if it’s no longer headline news, the ongoing SolarWinds situation should remain on every FI security leader’s radar, and we at BIG will continue to report on developments.

