The Green Sheet

Monday, February 1, 2021

SolarWinds hack left many vulnerable

Combatting data breaches is a lot like playing a game of whack-a-mole. As companies get smarter and implement new, stronger measures to protect against hacks, the hackers get smarter and craftier too, targeting cloud-based and managed service providers to snag even more data and more victims.

Now comes news that the SolarWinds breach, allegedly a state-sponsored attack, which sparked headlines late last year, could have far-reaching implications for payments firms and merchants.

"With the COVID-19 pandemic still going strong at the end of 2020, retailers in various industries are already feeling the pressure of increasing eCommerce transactions and friendly fraud incidents," Chargeback Gurus said in a recent statement. "With the breaking news of the SolarWinds security breach, these retailers are now facing a potential 'second wave' of chargebacks."

Federal Reserve, Mastercard, Visa potentially compromised

SolarWinds, a Texas IT firm used by businesses and government agencies to manage networks and systems, disclosed in December a "highly sophisticated" attack on its Orion product, an infrastructure monitoring and management platform. The attack was "likely conducted by an outside nation state," SolarWinds said.

The cybersecurity firm FireEye, which first identified the attack, said the assault was launched in early 2020 and may have left some systems compromised for months. FireEye, which was among the companies hacked, said the attackers were able to get into systems by way of an update to the Orion monitoring and management software and deploy malicious code on unsuspecting networks.

SolarWinds claims more than 300,000 organizations, including U.S. government agencies and a majority of Fortune 500 companies, use Orion. But in a recent filing with the Securities and Exchange Commission, the company estimated that only about 18,000 customers may have installed the Orion update containing malicious code.

Although SolarWinds has not disclosed specific companies attacked, the company's client list reads like a who's who of organizations that maintain payments and personally identifiable consumer financial information. These include AT&T, Blue Cross Blue Shield, Comcast, Credit Suisse, the Federal Reserve, Mastercard, McDonald's, Microsoft, Visa and Yahoo.

FireEye CEO Kevin Mandia, in a December interview with the CBS News program Face the Nation, said the attackers appeared to have set their sights on specific targets. "It's probably only about 50 organizations or companies, somewhere in that zone, that are genuinely impacted by the threat actor," he said.

Specific organizations that have said they were affected include the credit reporting agency Equifax, Microsoft Corp., and the U.S. Departments of Treasury and Homeland Security.

"The complete scale of the breach is still unknown and security experts are suggesting that several major systems may still be exposed to the malware that fueled the breach," Chargeback Gurus noted. The implications for merchants, Chargeback Gurus added, could be a fresh wave of fraud cases and chargebacks. "In our opinion, based on the evidence of the hack and the history of breaches in the U.S., it is likely this event will have significant fallout for retailers," the company stated.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.
