Regulators Probe Firms’ Exposure Following SolarWinds Hack

Author

ACA Aponix

Publish Date

Type

Cyber Alert

Topics

  • Cybersecurity

In response to the recent SolarWinds® attack that affected top tiers of government and multiple industries, regulators have taken steps to probe companies’ levels of exposure. Multiple firms have been requested to comply and provide specific information.

Examples include:

  • The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has issued a letter to numerous firms requesting the use of specific tools to detect exposure to the hack and requiring that firms contact the organization should exposure be detected. The letter points to a specific CISA alert with detailed information related to usage of CISA’s Sparrow and other detection tools. The letter provides specific agency contact information.
  • The UK Financial Conduct Authority (FCA), has requested that regulated firms comply with guidance from the National Cyber Security Centre (NCSC), including instructions to assess exposure, patch systems, and report suspected breaches.
  • The UK Information Commissioner’s Office (ICO) has issued a statement in response to the SolarWinds attack, specifically pointing to the requirement of firms to report any personal data losses within 72 hours of discovery.

ACA Additional Guidance

The SolarWinds attack is far-reaching with implications that are still being assessed and discovered. With both government and industry being affected, regulators are keen on gaining as much insight as possible and are requesting firms quickly assess and report any impacts.

ACA Aponix recommends taking the following actions regarding regulator requests in response to the SolarWinds breach:

  • After verifying the legitimacy of regulatory requests (e.g., checking against spam or phishing, etc.), comply with the specific regulatory requests. Note that firms are receiving legitimate requests from CISA to run tests using the Sparrow tool, and to report findings.
  • The recommendations, including the use of Sparrow and other tools, can be of an involved nature that require IT and cybersecurity expertise. If necessary, reach out to ACA Aponix or other trusted third-party providers for assistance.
  • Ensure that all updates and patches related to the SolarWinds breach have been applied.
  • Assess your organization's Microsoft® Office 365® configuration to ensure that maximum protection is afforded against this and other potential vulnerabilities.
  • Strongly encourage third-party vendors to follow directions and information related to this breach.
  • Follow further regulatory guidance as it becomes available.

How We Help

Attend our upcoming webcast on Managing Portfolio Risk Post SolarWinds Breach on February 2, 2021 at 12:00 PM EST to learn more.

Register

ACA Aponix offers the following solutions that can help your firm in light of the discovered vulnerability, software patching programming, Office 365 security configuration, and with data security in general.

If you have any questions, please contact your ACA Aponix consultant or email us at info@acaaponix.com.