
26 Jan

Where Will the SolarWinds Blow Next?

For a few weeks in December the SolarWinds software breach was big news. Like so many events these days, however, it was soon crowded out of the headlines, which I suspect is just fine with security experts, who prefer to combat these threats outside the glare of attention.

The initial target of the SolarWinds attack appears to be government systems, which is disturbing in itself. Even more troubling is the possibility of “sleeper cells” having been embedded in thousands of corporate systems (including banks and credit unions, a key SolarWinds vertical), lying in wait for future exploitation. Worst of all, the hackers’ approach, which was ingenious in a sinister way, serves as an “aha moment” for cybercriminals worldwide, opening up a scary new front for the good guys to defend.

On that upbeat note, let’s consider some expert insights that have emerged since the incident receded from the front page.

Words from the Front

As Jeff Olejnik pointed out on our recent BIGCast, SolarWinds’ effect on financial institutions could range from “little to no impact, to quite devastating.” According to the head of Wipfli’s CyberTech practice, not only must credit unions and banks confirm whether they were running SolarWinds’ Orion platform, but they must determine the same for vendors throughout their supply chain. If they were, a forensic investigation of logs (for new users, .dll changes, etc.) is in order, assessing system activity dating back to March 2020, the date of the first incursion, which went undetected for eight months. For the thousands of FIs that likely find themselves in this situation, an ongoing compromise assessment will also be essential.
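The log review described above, as an added example that is not from the original post or from the experts it quotes: it filters a constructed event export for account creations (Windows Security event 4720) and DLL writes (Sysmon event 11) on or after the start of the window. The CSV layout, host names, account names and paths are assumptions for illustration, and the 1 March cut-off is assumed because the post gives only the month.

```python
import csv
from collections import defaultdict
from datetime import datetime, timezone

# The post gives only "March 2020"; the first of the month is an assumed cut-off.
WINDOW_START = datetime(2020, 3, 1, tzinfo=timezone.utc)

# Constructed sample export: time (UTC), host, log source, event id, detail.
SAMPLE_LOG = """\
2020-02-11T09:14:02Z,mon01,Security,4720,TargetUserName=svc_backup
2020-04-02T03:41:55Z,mon01,Security,4720,TargetUserName=svc_temp1
2020-04-02T03:44:10Z,mon01,Sysmon,11,TargetFilename=C:\\Example\\App\\module_a.DLL
2020-05-19T14:02:31Z,web02,Sysmon,11,TargetFilename=C:\\Example\\App\\report.txt
2020-06-30T22:17:08Z,web02,Security,4624,TargetUserName=alice
not,a,valid,row
"""

def classify(source, event_id, detail):
    """Return (label, value) for the two event kinds of interest, else None."""
    _key, _, value = detail.partition("=")
    if source == "Security" and event_id == "4720":   # user account created
        return "new_user", value
    if source == "Sysmon" and event_id == "11" and value.lower().endswith(".dll"):
        return "dll_write", value                      # DLL created or overwritten
    return None

def triage(text, window_start=WINDOW_START):
    """Group in-window findings by host; collect rows that could not be parsed."""
    findings, rejected = defaultdict(list), []
    for row in csv.reader(text.splitlines()):
        try:
            when_s, host, source, event_id, detail = row
            when = datetime.strptime(when_s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        except ValueError:
            rejected.append(row)   # keep for manual review, never drop silently
            continue
        hit = classify(source, event_id, detail)
        if hit and when >= window_start:
            findings[host].append((when.isoformat(), *hit))
    return dict(findings), rejected

if __name__ == "__main__":
    found, bad = triage(SAMPLE_LOG)
    for host, items in found.items():
        print(host, items)
    print("unparsed rows:", bad)
```

Each finding is a lead for an analyst to compare against change records, not a verdict; the rejected rows are returned so that malformed or truncated log lines are reviewed rather than silently skipped.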

On BIG’s recent Digital Town Hall, noted cyber expert Jim Stickley (Stickley on Security, Mahalo Banking) estimated that between 18,000 and 33,000 SolarWinds client companies were infected via this breach. As Olejnik points out, that number could quickly escalate if one of those firms had access to partner systems in the period before the malware was removed.

As any fraud professional knows, successful scams involve the exploitation of trust. This is where the SolarWinds incident opened a disturbing new frontier: intruders managed to compromise the defenses of a firm recognized as a leader in system monitoring software. In other words, when SolarWinds (or more specifically its Orion platform) issues an update, clients know it’s important to install it. And since by definition monitoring software requires access across a variety of systems, it’s easy to grasp how widely such malware can spread.

The consensus belief is that a government-sponsored entity is behind this hack (although Stickley is not 100% convinced, as you’ll hear in the above link), which would be consistent with its initial focus on intelligence gathering rather than monetary gain. Even if that remains the primary objective, it’s hardly cause for comfort among banks and credit unions. State actors would relish the ability to erode confidence in the US financial system, which might involve a takedown of system availability or corruption of transaction balances. Until we can confirm any and all malware has been identified and eradicated, sadly any and all of these possibilities remain on the table.

Even if it’s no longer headline news, the ongoing SolarWinds situation should remain on every FI security leader’s radar, and we at BIG will continue to report on developments.

 
