{"id":23286,"date":"2023-11-01T05:10:17","date_gmt":"2023-11-01T13:10:17","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2023\/11\/01\/news-17016\/"},"modified":"2023-11-01T05:10:17","modified_gmt":"2023-11-01T13:10:17","slug":"news-17016","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2023\/11\/01\/news-17016\/","title":{"rendered":"SolarWinds and its CISO accused of misleading investors before major cyberattack"},"content":{"rendered":"\n<p>The Securities and Exchange Commission (SEC) <a href=\"https:\/\/www.sec.gov\/news\/press-release\/2023-227\">has announced<\/a> charges against software company SolarWinds Corporation and its chief information security officer (CISO), Timothy G. Brown, for \u201cfraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.\u201d<\/p>\n<p>In 2020,&nbsp;SolarWinds&nbsp;announced it had been hacked and that its compromised software channel was used to push out malicious updates onto&nbsp;<a href=\"https:\/\/www.washingtonpost.com\/national-security\/russian-government-spies-are-behind-a-broad-hacking-campaign-that-has-breached-us-agencies-and-a-top-cyber-firm\/2020\/12\/13\/d5a53b88-3d7d-11eb-9453-fc36ba051781_story.html\" target=\"_blank\" rel=\"noreferrer noopener\">18,000 of its Orion platform customers<\/a>. The nearly two-years long cyberattack was dubbed SUNBURST.<\/p>\n<p>The complaint by the SEC, filed in the Southern District of New York, alleges that during the cyberattack, and perhaps before and after too, SolarWinds and Brown defrauded investors by overstating SolarWinds&#8217; cybersecurity practices, as well as understating or failing to disclose known risks.<\/p>\n<p>The SEC claims that SolarWinds \u201cmisled investors by disclosing only generic and hypothetical risks at a time when the company and Brown knew of specific deficiencies in SolarWinds\u2019 cybersecurity practices as well as the increasingly elevated risks the company faced at the same time.\u201d<\/p>\n<p>A 2018 presentation based on an internal assessment which was shared internally, including with Brown, stated that SolarWinds\u2019 remote access set-up was \u201cnot very secure\u201d and that someone exploiting the vulnerability \u201ccan basically do whatever without us detecting it until it\u2019s too late.\u201d<\/p>\n<p>In June 2020, while investigating a cyberattack on a SolarWinds customer, Brown wrote that it was \u201cvery concerning\u201d that the attacker may have been looking to use SolarWinds\u2019 Orion software in larger attacks because \u201cour backends are not that resilient.\u201d<\/p>\n<p>Instead of dealing with these problems, SolarWinds and Brown \u201cengaged in a campaign to paint a false picture of the company\u2019s cyber controls environment, thereby depriving investors of accurate material information.\u201d<\/p>\n<p>Even the disclosure about the SUNBURST attack was allegedly incomplete. The SEC\u2019s complaint alleges that SolarWinds and Brown violated the antifraud provisions of the Securities Act of 1933 and of the Securities Exchange Act of 1934; SolarWinds violated reporting and internal controls provisions of the Exchange Act; and Brown aided and abetted the company\u2019s violations.<\/p>\n<p>The complaint seeks permanent injunctive relief, disgorgement with prejudgment interest, civil penalties, and an officer and director bar against Brown.<\/p>\n<hr \/>\n<p>Malwarebytes EDR and MDR removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.<\/p>\n<div class=\"wp-block-malware-bytes-button mb-button\" id=\"mb-button-835d6059-753a-4f9a-a017-969fcaf64632\">\n<div class=\"mb-button__row u-justify-content-center\">\n<div class=\"mb-button__item mb-button-item-0\">\n<p class=\"btn-main\"><a href=\"https:\/\/www.malwarebytes.com\/business\/contact-us\/\">TRY NOW<\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/11\/solarwinds-and-its-ciso-accused-of-misleading-investors-before-major-cyberattack\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p> The SEC has announced charges against SolarWinds and its CISO for fraud and internal control failures related to the company&#8217;s cybersecurity. <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[1001,11142,32,26620,30444],"class_list":["post-23286","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-business","tag-ciso","tag-news","tag-solarwinds","tag-sunburst"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23286","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=23286"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23286\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=23286"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=23286"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=23286"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}