Supplemental guidance issued on SolarWinds attack

The Department of Homeland Security and Cybersecurity and Infrastructure Security Agency issued supplemental guidance to its alert for affected organizations to help mitigate exposure related to the supply chain attack on the SolarWinds Orion Platform.

The attack, which occurred between March and June 2020, pushed malicious code to an estimated 18,000 SolarWinds Orion customers, and has been linked to Russian hackers. CISA recommends that affected agencies must disconnect and rebuild affected systems, as well as look for other persistent malware that might now reside within impacted networks.

ICBA will continue to monitor developments and update its Cyber and Data Security resources section with the latest information.