SolarWinds-related breaches: What community banks need to know

Dear Community Banker:

The supply chain attack on the SolarWinds Orion Platform, and the subsequent breaches to its customers, is a significant cybersecurity event that is affecting every corner of the public and private sectors, including community banking.

ICBA is closely monitoring developments and wants community bankers to have the latest information. Here's what we know:

• The massive SolarWinds attack took place between March and June 2020 and has pushed malicious code to an estimated 18,000 customers, including federal agencies and many private companies.
• The Treasury Department is seeking feedback from financial institutions that have ever run the SolarWinds Orion versions compromised in the attack. Respondents can contact Treasury's Office of Cybersecurity and Critical Infrastructure Protection at [email protected] or anonymously through FS-ISAC at [email protected].
• A joint statement by the FBI, CISA, ODNI, and NSA indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks.
• ICBA will continue updating its Cyber and Data Security resources section with the latest information.

While there are many pressing priorities right now given the coronavirus pandemic and stimulus negotiations, the security of community banks and their customers is of the utmost importance to ICBA.

ICBA will continue to monitor these developments and provide you with the very latest information as it becomes available.