Source: Shutterstock
In February, the Senate Intelligence Committee hosted a hearing about the supply chain attack that affected SolarWinds and dozens of other companies and federal agencies, raising four key issues:
- How Amazon Web Services may have been used to host malicious infrastructure;
- Why the attackers conducted a "dry run";
- What the true motives were for the attack, which apparently was waged by Russian hackers; and
- How the incident could lead to better cyberthreat and intelligence information sharing.
While these points are all valid to uncover the scope and motive of this attack, they do not help credit unions understand the necessary actions to improve protection. The lesson of this breach is not limited to SolarWinds. For credit unions considering how to respond to the SolarWinds breach, simply dropping SolarWinds as a vendor will not eliminate vulnerability of the systems and vendors that have access to your network. Credit unions need to assess all of their vendors to understand the remote monitoring and management tools installed on their networks, and how they manage security and mitigate risk when using those tools.
Continue Reading for Free
Register and gain access to:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts.
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders.
- Educational webcasts, white papers, and ebooks from industry thought leaders.
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com.
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
