CUNA
  • Advocacy
    • Priorities we’re fighting for
    • Actions you can take
  • News
  • Learn
  • Compliance
  • Shop
  • Topics
    • Community Service
    • Compliance
    • Credit Union Hero
    • Credit Union Rock Star
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Credit Union Magazine
    • Buyers' Guide
    • COVID-19
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • COVID-19
  • Advertise
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Contact
Learn More about Member Value

News

Member Benefits
Learn more
Learn more about the benefits of membership.
Home » CISA confirms ‘active exploitation’ of SolarWinds software
Policy & Issues

CISA confirms ‘active exploitation’ of SolarWinds software

December 17, 2020
Enhancing Detection Improves Credit Union Cybersecurity & Compliance

CUNA expressed concerns about the recent SolarWinds cyberattack in a letter to NCUA Thursday. The data breach that appears to be a most significant cyberattack in recent history, according to cybersecurity experts. Hackers corrupted a software update for Orion, an IT monitoring platform, to infiltrate nearly every sector of the economy, including credit unions and other financial institutions.

“As the NCUA seeks to determine the attack’s impact on the agency and as credit unions do the same, CUNA members have two concerns,” wrote CUNA President/CEO Jim Nussle. “First, we urge the agency to be forthright in its communications with credit unions if it is determined that the agency is impacted. Second, we call on NCUA to suspend the collection of data from credit unions until it can ascertain that its systems have not been and are not compromised.”

CUNA also suggests NCUA consider issuing guidance to alleviate stress from impacted credit unions as the full scope of the data breach will not be known for quite some time due to the complexity and sensitive nature of the attack.

The data breach, which started in March, pushed malicious code to an estimated 18,000 SolarWinds customers via Orion. These customers include government agencies, financial institutions, and vendors serving financial institutions.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert on the “active exploitation” of SolarWinds software and one on the “advanced persistent threat,” as well as an emergency directive calling on affected organizations take several mitigation actions.

The Treasury Department is seeking feedback from financial institutions that have run the compromised SolarWinds Orion systems at OCCIP-Coord@treasury.gov or anonymously through FS-ISAC at sharingops@fsisac.com. 

CUNA will provide more information as it becomes available. We are working with the NCUA, Treasury, and other government agencies to determine the impact on the financial sector and next steps for credit unions.

Credit Union Magazine - Winter 2020

Winter 2020

Credit Union Magazine’s Winter 2020 edition features CUNA’s 2021 lending outlook, CEO insights on adjusting to the pandemic, and board recruitment strategies.
Digital Edition •  Subscribe

Trending

  • Allowing capitalization of interest is consumer-friendly option

  • Todd Harper appointed NCUA Chairman

  • Compliance: NCUA, agencies issue FAQs on SAR, other AML requirements

Tweets by CUNA_News

Polls

Will you ask employees to receive the coronavirus vaccine?

View Results
More

Champion of America’s Credit Unions

Credit Union National Association is the only national association that advocates on behalf of all of America’s credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • About
  • Careers
  • Contact Us
  • Recommended Websites
  • Privacy Policy

Resources for

  • CUNA Board Members
  • Credit Union Advocates
  • Leagues
  • Press
  • Vendors