News Formal

SEC: SolarWinds failed to disclose cybersecurity woes before historic breach

  • 📰 washingtonpost
  • ⏱ Reading Time:
  • 81 sec. here
  • 3 min. at publisher
  • 📊 Quality Score:
  • News: 36%
  • Publisher: 72%

Business Business Headlines News

Business Business Latest News,Business Business Headlines

SolarWinds suffered a historic breach that made waves in 2020, and now the Securities and Exchange Commission is taking action against the company and its CISO Tim Brown.

WASHINGTON, DC ‐ February 23, 2021:SolarWinds CEO Sudhakar Ramakrishna speaks during the Senate Intelligence Committee hearing on Capitol Hill in Washington, DC. February 23, 2021. The Securities and Exchange Commission charged software company SolarWinds on Monday for failing to publicly disclose alleged cybersecurity failures that led to one of history’s biggest computer breaches.

Later, SolarWinds suffered a breach of its network monitoring software, Orion, that allowed suspected Russian government-connected hackers to infiltrate thousands of customer organizations that included nine federal agencies. The breach began as early as 2019 but only became public in 2020. Thecalled it “one of the most widespread and sophisticated hacking campaigns ever conducted against the federal government and private sector.

According to the SEC, Brown and others had received ample warning of vulnerabilities at SolarWinds but did not disclose those problems publicly. In one internal warning in September 2020, SolarWinds executives were told “the volume of security issues being identified over the last month have outstripped the capacity of engineering teams to resolve." In another, in November of that year, a senior manager noted that, “We’re so far from being a security-minded company.

“We disagree that any such action is warranted against either the company or any employees, and we will continue to explore a potential resolution of this matter before the SEC makes any final decision,” SolarWinds CEO Sudhakar Ramakrishna wrote in an internal email in June. “And if the SEC does ultimately decide to initiate any legal action, we intend to vigorously defend ourselves.”

In a statement released Monday, SolarWinds accused the SEC of “overreach" and described itself as “disappointed by the SEC’s unfounded charges related to a Russian cyberattack on an American company and are deeply concerned this action will put our national security at risk.”

 

Thank you for your comment. Your comment will be published after being reviewed.
Please try again later.
We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

 /  🏆 95. in BUSİNESS

Business Business Latest News, Business Business Headlines

Similar News:You can also read news stories similar to this one that we have collected from other news sources.

SEC Sues SolarWinds Over 2020 Hack Attributed to RussiansRegulator says software company defrauded investors by misleading them about its cyber vulnerabilities
Source: WSJ - 🏆 98. / 63 Read more »

SEC charges SolarWinds and company executive with fraud after cybersecurity breachBill Peters is a Los Angeles-based MarketWatch reporter who covers earnings.
Source: MarketWatch - 🏆 3. / 97 Read more »

SEC Commissioner Hester Peirce Dissents, Questions SEC's 'Enforcement-Driven Approach to Crypto'Noelle Acheson is the former head of research at CoinDesk and Genesis Trading. This article is excerpted from her Crypto Is Macro Now newsletter, which focuses on the overlap between the shifting crypto and macro landscapes. These opinions are hers, and nothing she writes should be taken as investment advice.
Source: CoinDesk - 🏆 291. / 63 Read more »