© Reuters.
The U.S. Securities and Exchange Commission (SEC) has filed charges against software firm SolarWinds and its Chief Information Security Officer (CISO), Timothy G. Brown, alleging fraud and internal control failures tied to known cybersecurity risks. The SEC’s complaint, announced today, follows the 2020 MOVEit cyberattack where Russian hackers exploited SolarWinds’ software to compromise over 600,000 Department of Justice and Pentagon email addresses.
The SEC’s investigation into the SolarWinds hack began in September 2021 due to some publicly traded companies’ reluctance to reveal their exposure to SolarWinds. The complaint alleges that from its IPO in October 2018 until its December 2020 announcement of being targeted by the SUNBURST cyberattack, SolarWinds and Brown defrauded investors by overstating their cybersecurity practices and downplaying or not disclosing known threats.
The SEC claims that SolarWinds disclosed only generic risks when it and Brown were aware of specific deficiencies in their cybersecurity measures. Multiple communications among SolarWinds employees, including Brown, throughout 2019 and 2020 questioned the company’s ability to protect its critical assets, including its flagship Orion software, from cyberattacks.
The SEC’s complaint suggests that Brown was aware of these risks but failed to address them or escalate them within the company. The SEC also accused SolarWinds of incomplete disclosure about the SUNBURST attack in a Form 8-K filing in December 2020, which led to a significant drop in stock price. Gurbir S. Grewal, Director of the SEC’s Division of Enforcement, criticized SolarWinds and Brown for ignoring red flags about their cyber risks for years and misrepresenting the company’s cyber controls environment.
In response to the charges, SolarWinds has denied these fraud allegations, warning they could jeopardize national security and signify an overstep by the SEC. The company is committed to contesting these claims in court and continues honoring its Secure by Design commitments to ensure customer safety.
The SolarWinds issue came to light in late 2020 when hackers inserted backdoor code into SolarWinds’ Orion platform. This exploit was used to infiltrate several US federal agencies’ systems and potentially thousands of private companies. Russia’s SVR foreign intelligence service, linked to APT29 or Cozy Bear, has been blamed for the SolarWinds hack.
This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.
Read the full article here
