Avaya will pay a $1 million civil penalty, Mimecast will pay a $990,000 civil penalty, Check Point will pay a $995,000 civil penalty, and Unisys will pay a $4 million civil penalty under the charges.

Few businesses have been charged by the Securities and Exchange Commission (SEC) for providing materially false information about cybersecurity threats and attacks for the breaches related to  SolarWinds’ Orion software. 

Avaya will pay a $1 million civil penalty, Mimecast will pay a $990,000 civil penalty, Check Point will pay a $995,000 civil penalty, and Unisys will pay a $4 million civil penalty under the charges.

As per the SEC’s directives, companies discovered that the threat actor most likely responsible for the SolarWinds Orion attack had gained unauthorised access to their systems. However their incident disclosure behaviour was negligent  and they downplayed the cybersecurity problem in their public statements.

Even though one of the companies was aware of two hacks involving the exfiltration of terabytes of data relating to SolarWinds, it portrayed the threats posed by cybersecurity incidents as hypothetical. The order concludes that disclosure controls were inadequate and that statements were substantially deficient.

The SolarWinds breach, which was a major cybersecurity issue involving a complex supply chain assault, was found in December 2020. The Orion software platform, which is used by many organisations for IT administration, was penetrated by hackers who are thought to be connected to a Foreign intelligence agency outside US. Malicious code was included by the attackers into Orion software updates, which were then sent to thousands of SolarWinds clients, including large enterprises and governmental organisations. Although around 18,000 organisations were impacted by the hack, the attackers targeted a smaller number of targets, such as key infrastructure, tech businesses, and U.S. government departments.

The cybersecurity firm FireEye was the first to identify the breach in its own systems. The event prompted severe worries about supply chain vulnerabilities, cybersecurity standards, and the threats presented by third-party software suppliers.

More focus is being placed on cybersecurity measures across businesses as a result of this event, which emphasised the vital role that cybersecurity plays in the current digital world and the attack that brought attention to the need for improved security practices in software development and supply chain management.

Galactik Views