Investors Sue SolarWinds Directors Over Security Breach

Can more data save our climate?

Group of investors sues SolarWinds directors over massive 2020 security breach, as Microsoft warns Russian hackers ramping up attacks on resellers

A group of investors has filed a lawsuit against SolarWinds’ directors, maintaining they could have prevented an attack that led to the compromise of thousands of companies and several branches of the US government.

The lawsuit, filed in Delaware and led by a Missouri pension fund, appears to be the first based on records shareholders demanded from the company in the wake of the hack, which came to light in December 2020.

The suit names a list of current and former directors as defendants.

The investors allege the board failed to implement procedures that could have prevented the attack from taking place, such as requiring the company’s management to regularly report on cybersecurity risks.

security, cybercrime, microsoft, solarwinds
Image credit: Microsoft

Massive breach

The plaintiffs are seeking damages on behalf of the company and a reform in SolarWinds’ policies on cybersecurity oversight.

SolarWinds has said it is cooperating with investigations into the breach by the US Securities and Exchange Commission, the Department of Justice and others.

The company has moved to dismiss another shareholder lawsuit seeking damages for a decline in its share price.

The hack has led to an overhaul of US government cybersecurity measures this year, with President Joe Biden last week ordering federal agencies to fix hundreds of vulnerabilities in their computer systems within a six-month period.

Microsoft said late last month that the hacking group behind the attack, which it calls Nobelium, has stepped up its attacks this year and is now targeting technology resellers, including companies that resell cloud services.

Further attacks

It said Nobelium is seeking to impersonate technology firms companies regularly deal with in order to gain unauthorised access to their systems.

The current campaign began in May of this year, and at least 14 resellers and service providers have been compromised, Microsoft said.

Microsoft said it had issued more than 22,000 warnings to customers over Nobelium attacks from 1 July to 19 October of this year, compared to 20,000 warnings for all attacks by nation-state hacking groups for the previous three years.

The US government has identified Nobelium as working on behalf of the Russian foreign intelligence service, the SVR. Russia has denied involvement.

Microsoft said in June that Nobelium had stolen some “basic” customer information from Microsoft’s own technical support agents.

After publishing this article we just receive a statement from SolarWind spokesperson:

“We do not comment on pending litigation, but this action is similar to a purported derivative lawsuit filed earlier this year. More importantly, we continue to focus on deepening our relationships with customers and openly discussing our Secure by Design initiatives as we look to set the standard for secure software development.”