© Reuters.
The U.S. Securities and Exchange Commission (SEC) filed a lawsuit on Monday against Texas-based tech firm SolarWinds Corp., and its former vice president of security, Tim Brown, alleging that they failed to disclose security vulnerabilities. The lawsuit is a response to a large-scale 2020 Russian cyberespionage operation that exploited SolarWinds’ software, leading to the infiltration of multiple U.S. government agencies and over 100 private entities.
The SEC accuses SolarWinds and Brown of deceiving investors by concealing the company’s inadequate cybersecurity practices and escalating risks. The commission seeks civil penalties, ill-gotten gains reimbursement, and Brown’s removal from his position.
SolarWinds has disputed these charges, stating they are unfounded and could potentially compromise national security. Brown’s attorney also defended his client’s integrity, pledging to challenge the SEC’s allegations.
Gurbir S. Grewal, the director of the SEC’s enforcement division, accused SolarWinds and Brown of disregarding multiple warnings about their cybersecurity deficiencies for years. He claimed they misrepresented the company’s cyber controls environment, thereby misleading investors.
In October 2018, when SolarWinds was preparing for its IPO, Brown admitted in an internal presentation that the company’s security was extremely vulnerable. Throughout 2019 and 2020, SolarWinds employees expressed concerns about the company’s ability to protect its critical assets from cyberattacks.
SolarWinds, a provider of network-monitoring and other technical services to numerous organizations globally, was at the center of a nearly two-year-long espionage campaign. Russian cyber operators seeded malware in the company’s network management software update channel, enabling them to surreptitiously infiltrate selected targets, including several U.S. government agencies and major software and telecommunications providers.
This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.
Read the full article here
