Regulators Probe Firms’ Exposure Following SolarWinds Hack
In response to the recent SolarWinds® attack that affected top tiers of government and multiple industries, regulators have taken steps to probe companies’ levels of exposure. Multiple firms have been requested to comply and provide specific information.
- The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has issued a letter to numerous firms requesting the use of specific tools to detect exposure to the hack and requiring that firms contact the organization should exposure be detected. The letter points to a specific CISA alert with detailed information related to usage of CISA’s Sparrow and other detection tools. The letter provides specific agency contact information.
- The UK Financial Conduct Authority (FCA) has requested that regulated firms comply with guidance from the National Cyber Security Centre (NCSC), including instructions to assess exposure, patch systems, and report suspected breaches.
- The UK Information Commissioner’s Office (ICO) has issued a statement in response to the SolarWinds attack, specifically pointing to the requirement that firms report any personal data losses within 72 hours of discovery.
ACA Additional Guidance
The SolarWinds attack is far-reaching with implications that are still being assessed and discovered. With both government and industry being affected, regulators are keen on gaining as much insight as possible and are requesting firms quickly assess and report any impacts.
ACA Aponix recommends taking the following actions regarding regulator requests in response to the SolarWinds breach:
- After verifying the legitimacy of regulatory requests (e.g., checking against spam or phishing), comply with the specific regulatory requests. Note that firms are receiving legitimate requests from CISA to run tests using the Sparrow tool, and to report findings.
- The recommendations, including the use of Sparrow and other tools, can be involved and require IT and cybersecurity expertise. If necessary, reach out to ACA Aponix or other trusted third-party providers for assistance.
- Ensure that all updates and patches related to the SolarWinds breach have been applied.
- Assess your organization's Microsoft® Office 365® configuration to ensure that maximum protection is afforded against this and other potential vulnerabilities.
- Strongly encourage third-party vendors to follow directions and information related to this breach.
- Follow further regulatory guidance as it becomes available.
How We Help
Attend our upcoming webcast on Managing Portfolio Risk Post SolarWinds Breach on February 2, 2021 at 12:00 PM EST to learn more.
ACA Aponix offers the following solutions that can help your firm in light of the discovered vulnerability, and with software patching programs, Office 365 security configuration, and data security in general.
- Microsoft® Office 365® security assessment
- Threat intelligence
- Cyberincident response planning
- Cybersecurity and technology risk assessments
- Vendor management and due diligence
- Penetration testing and vulnerability assessments
- Policies, procedures and governance
- Phishing testing and cyber awareness
If you have any questions, please contact your ACA Aponix consultant or email us at [email protected].