SolarWinds: What community banks need to know

The supply chain attack on the SolarWinds Orion Platform and subsequent customer breaches is affecting every corner of the economy, including community banking, ICBA President and CEO Rebeca Romero Rainey wrote.

In a message to community bankers, Romero Rainey offered a breakdown of key facts about the event:

  • The attack took place between March and June 2020 and has pushed malicious code to an estimated 18,000 customers.
  • The Cybersecurity and Infrastructure Security Agency issued an alert and an emergency directive encouraging affected organizations to use available detection countermeasures.
  • The Department of Homeland Security and FS-ISAC are holding calls today, Dec. 17, on the attack. The FS-ISAC call is scheduled for 10 a.m. (Eastern time), followed by the DHS call at noon.
  • The Treasury Department is seeking feedback from financial institutions that have ever run the compromised SolarWinds Orion systems at [email protected] or anonymously through FS-ISAC at [email protected].
  • ICBA will continue updating its Cyber and Data Security resources section with the latest information.