OPERATIONAL RISK

SolarWinds Cyberattack

The supply chain attack on the SolarWinds Orion Platform and subsequent customer breaches is affecting every corner of the economy, including community banking. Here's what you need to know.

CEO ALERT

What community banks need to know

The supply chain attack on the SolarWinds Orion Platform, and the subsequent breaches to its customers, is a significant cybersecurity event that is affecting every corner of the public and private sectors, including community banking.

ICBA is closely monitoring developments and wants community bankers to have the latest information. Here's what we know:

Quick References

CISA Emergency Directive 21-01 Supplemental Guidance v2 - Dec. 30

Dec 22, 2020 | NewsWatch Today Article

Supplemental guidance issued on SolarWinds attack

Dec 21, 2020 | NewsWatch Today Article

SolarWinds criminals narrow follow-up attacks: Microsoft

Dec 18, 2020 | NewsWatch Today Article

CISA follow-up call today on SolarWinds

Dec 17, 2020 | NewsWatch Today Article

SolarWinds: What community banks need to know

Dec 16, 2020 | NewsWatch Today Article

SolarWinds-related breaches: What community banks need to know

Financial institutions that have ever run the compromised SolarWinds Orion systems may provide feedback at OCCIP-Coord@treasury.gov or anonymously through FS-ISAC at sharingops@fsisac.com.

ICBA Members can also get the latest OCCIP updates here.

Key Resources for Your Bank’s Cybersecurity Program

The following links will lead you to cybersecurity assessment tools to help you better understand where your bank stands.

Name	Source	Date
CISA - Free Detection Tool for Azure/M365 Environment	CISA	12/28/2020
CIS - CIS Controls	CIS	11/18/2020
CSBS - Ransomware Mitigation Tool	CSBS	11/18/2020
#Protect2020 Rumor vs. Reality	CISA	10/21/2020
FBI Internet Crime Complaint Center (IC3)	FBI	09/10/2020
US-CERT Alerts	CISA	09/10/2020
Financial Services Information Sharing and Analysis Center	FS-ISAC	09/10/2020
Carnegie Endowment for International Peace: Cyber Resilience Capacity-building Tool Box	CEIP	09/10/2020
FDIC Cyber Challenge: A Community Bank Cyber Exercise	FDIC	09/10/2020
FBIIC Financial Sector Cyber Exercise Template	FBIIC	09/10/2020
FDIC Information Technology and Cybersecurity Banker Resource Center	FDIC	09/10/2020
FFIEC Cybersecurity Resource Guide	FFIEC	09/10/2020
FSSCC Automated Cybersecurity Assessment Tool v.2.1	FSSCC	09/10/2020
NIST Cybersecurity Framework	NIST	09/10/2020
FFIEC Cybersecurity Assessment Tool		09/09/2020
FFIEC IT Handbook	FFIEC	09/09/2020
CISA Cybersecurity Detection and Prevention	CISA	09/09/2020
CISA Cybersecurity Assessments	CISA	09/09/2020
CISA Cybersecurity Training and Exercises	CISA	09/08/2020
CISA - Cyber Resiliency Resources for Public Safety Fact Sheet	CISA	09/06/2020

Vulnerabilities & Mitigation

Cybersecurity and data security vulnerabilities come in many forms. Use these resources to know what you are dealing with and how to stay one step ahead.

Name	Source	Date
North Korea: Cyber Tactics and Tools Targeting Global Financial Sector	DHS	01/13/2021
PIN - Egregor Ransomware	FBI	01/07/2021
Money Mule Initiative and Education	DOJ	12/16/2020
CISA Alert: Active Exploitation of SolarWinds Software	CISA	12/13/2020
CISA Emergency Directive on SolarWinds Orion Code Compromise	CISA	12/13/2020
PIN: Cyber Criminals Exploit Email Rule Vulnerability to Increase the Likelihood of Successful Business Email Compromise	FBI	12/01/2020
Scam Awareness Materials for Groups and Organizations	SSA	11/02/2020
Security Alert Pandemic Related Fraud Chargeback Scheme	Visa	10/21/2020
Advisory on Unemployment Insurance Fraud During COVID-19	FINCEN	10/13/2020
Pandemic Response Portal		09/28/2020
Unemployment Insurance Fraud Consumer Protection Guide		09/28/2020
USSS SBA OIG Joint Alert - PPP EIDL Fraud - TLP Green		09/28/2020
Cyber Fraud Task Force Bulletin - September 2020	USSS	09/25/2020
Selecting and Safely Using Collaboration Services for Telework	NSA	09/10/2020
FBI Alert: Increased use of Mobile Apps Could Lead to Exploitation	FBI	09/10/2020
Compromised Managed Service Providers	USSS	09/10/2020
State UI ACH ID List	USSS	09/10/2020
U.S. Secret Service Cyber Fraud Task Force Map	USSS	09/10/2020
Contact U.S. Secret Service Cyber Fraud Task Forces	USSS	09/10/2020
USSS-DOL OIG UI Advisory	USSS	09/10/2020
FBI Sees Spike in Fraudulent Unemployment Insurance Claims Filed Using Stolen Identities	FBI	09/10/2020
FinCEN Advisory on Imposter Scams and Money Mule Schemes	FinCEN	09/10/2020
Contact U.S. Department of Labor Cyber Fraud Task Forces	DOL	09/10/2020
Cybersecurity: Ransomware Alert	OCIE	09/10/2020
OCCIP Cybersecurity Alert 1 - Ransomware	OCCIP	09/10/2020
Indicators Associated with Netwalker Ransomware	FBI	09/10/2020
Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage	CISA	09/10/2020
SBA Information Notice	SBA	07/21/2020
SBA Lender Alert EIDL	SBA	07/14/2020