Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Businesses Security United States

Wide-Ranging SolarWinds Probe Sparks Fear in Corporate America (reuters.com) 22

A U.S. Securities and Exchange Commission investigation into the SolarWinds Russian hacking operation has dozens of corporate executives fearful information unearthed in the expanding probe will expose them to liability, Reuters reported Friday, citing six people familiar with the inquiry. From the report: The SEC is asking companies to turn over records into "any other" data breach or ransomware attack since October 2019 if they downloaded a bugged network-management software update from SolarWinds, which delivers products used across corporate America, according to details of the letters shared with Reuters. People familiar with the inquiry say the requests may reveal numerous unreported cyber incidents unrelated to the Russian espionage campaign, giving the SEC a rare level of insight into previously unknown incidents that the companies likely never intended to disclose.

"I've never seen anything like this," said a consultant who works with dozens of publicly traded companies that recently received the request. "What companies are concerned about is they don't know how the SEC will use this information. And most companies have had unreported breaches since then." The consultant spoke on condition of anonymity to discuss his experience. The requests are voluntary, and companies are obliged to disclose anything material to investors. But the fact the inquiries comes from the SEC's enforcement staff could raise the prospect of investigations and steep penalties if companies fail to disclose breaches or did not have the appropriate controls in place to deal with past attacks, four attorneys who regularly handle SEC cases said.
Further reading: What it was like inside Microsoft during the worst cyberattack in history.
This discussion has been archived. No new comments can be posted.

Wide-Ranging SolarWinds Probe Sparks Fear in Corporate America

Comments Filter:
  • Good (Score:5, Insightful)

    by mveloso ( 325617 ) on Friday September 10, 2021 @04:02PM (#61783537)

    If the companies are shown to have been hiding material information from investors, then they deserve penalties.

  • I mean, If cloud is the architecture then people should be moving their infrastructure from the "edge" to behind the Edge....
  • >The requests are voluntary, and companies are obliged

    They use the work voluntary in a way that doesn't seem compatible with being obliged.

  • by IonOtter ( 629215 ) on Friday September 10, 2021 @04:35PM (#61783623) Homepage

    That's the sound of the whetstone on the blade of the axe.

    And to me, it's beautiful music.

    I hope heads roll. I hope the stock market plummets and smashes a hole into the ground so deep, that downtown Manhattan gives up, sticks a few ladders in the hole, and calls it a swimming pool. I hope the proverbial blood of millions flows into that hole and shatters the souls of millions.

    Because Wall Street has been living a lie since the Office of the Comptroller of Currency started watering down Glass-Steagall in the 60s, and they started raping the world with that lie using the shiny bronze balls of the Charging Bull on November 12, 1999, when Clinton signed the Grammâ"Leachâ"Bliley Act.

    No more.

    No more "too big to fail".

    No more lies.

    The economy is sick because it's full of pus. And the only way forward is to lance the abcess and drain the pus.

    • I agree with you but it won't. Even Equifax, which had the worst security you can imagine, ended up with a lower stock price for a while but they have recovered. Now it's like it never happened (except they are still insecure and have programmers who don't know what they are doing).

      • by PPH ( 736903 )

        Even Equifax

        The only thing that will get heads to roll is if the mistake results in a material financial impact to the company AND the officers knew or should have known and failed to disclose these fact to the shareholders.

        In your example (Equifax) the settlement was for a pittance. Free credit checks for everyone. And maybe reimbursement of costs and losses if they can be proven* to be due to the data breech. Equifax came out of that deal smelling like a rose. No doubt in part to the roll they play in assisting gove

    • The question is who controls what gets revealed and what isn't.

      I seem to recall something called Wikileaks. How'd that work out for the liberty and openness of the world?

      How do you imagine Russian and Chinese blackmail operations deciding which American corporate executives are exposed and which stay in gravy would work out for the US economy?
  • and instead of a foreign entity it was an inside job and the perpetrators is either a corporate or government personnel or mix of both (fascist criminals)
  • This is basically Russia and China. Forget any notion of random groups of thieves exploiting complacency...that's business as usual, and largely irrelevant. This phenomenon is malignant state actors systematically invading and gaining leverage over global industry in ways that would be incredibly hard for an individual or a company to fight.

    People in a free society have this mistaken belief that authoritarian states run on outright violence, but their bread-and-butter tactics are extortion and blackmai
  • by Miles_O'Toole ( 5152533 ) on Friday September 10, 2021 @06:48PM (#61783857)

    Corporate liability for irresponsible or even criminal behaviour is non-existent in the United States, and almost non-existent elsewhere.

  • I thought it was talking about STELLARWIND [wikipedia.org] and this whole thing was about US surveillance efforts
  • Corporate America is not concerned about vulnerability, only liability.

He has not acquired a fortune; the fortune has acquired him. -- Bion

Working...