SolarWinds cyber attack sees significant financial impact on annual revenue
The SolarWinds Cyber Attack had a significant financial impact on affected organisations, with the attack costing on average 11% of annual revenue, new research has found.
IronNet Cybersecurity, in its mission to transform cybersecurity through Collective Defense, released its 2021 Cybersecurity Impact Report assessing timely topics such as the estimated cost per enterprise of the SolarWinds cyber attack, executive-level engagement in attack responses, and the effect of information sharing on an organisation's overall security posture.
The report revealed a complex relationship between the reported level of confidence organisations have in their cybersecurity posture and their ongoing attack volume and impact: that is, despite rising confidence, incidents are increasing, too.
While 92% of respondents express confidence in their current security technology stack, adversaries are still evading traditional defensive technologies. Nearly half of respondents cited a rise in cyber incidents in the past 12 months, in part due to the increasing sophistication of attacks; and the SolarWinds attack cost, on average, 11% of affected respondents' annual revenue.
What is helping, however, is information sharing: Responses revealed positive effects of cyber-related information sharing on an organisation's overall cybersecurity posture.
According to the report, 90% of respondents indicated that the security posture of their company has improved over the past two years, and 72% of companies who have increased information sharing with industry peers report their overall security posture has improved over the past two years.
Despite the reported benefits of information sharing for improving cybersecurity, respondents indicated that there are still obstacles that limit collaboration among industry peers: concerns about data privacy and liability (53%), the lack of an automated or standard mechanism to share information with peers (34%), and the fact that shared information is not timely or relevant by the time companies receive it (33%).
“Organisations are clearly struggling to keep up with the volume and impact of cyber attacks coming from well-funded and well-organised nation states," says Keith Alexander, founder and co-CEO of IronNet.
"We believe that the main reason for this is that every organisation is still trying to battle these attacks individually, when they should be working together to create an exponentially stronger defense," he says.
"Sharing and operationalising attack intelligence through a Collective Defense model provides that automated, real-time solution that is missing in the market, and can be done securely, using anonymised data. This is the only way to ultimately shift the balance of power away from the attackers.
"Fortunately, our survey data shows that organisations are starting to increase their information sharing and are seeing benefits from doing so. This is a positive signal towards the adoption of Collective Defense.
Through the Collective Defense model, IronNet is taking information sharing and collaboration to a new level by enabling anonymised, real-time threat sharing to maximise visibility into the attack landscape and minimise impact on an organisation's operations.
Answering Calls to Action
Calls for faster, more relevant threat information sharing continue to come from industry- and national-level cybersecurity initiatives. Former President Barack Obama initiated momentum on this concept with his 2015 Executive Order on Cybersecurity, which promoted private sector cybersecurity information sharing. In March 2020, the U.S. Cyberspace Solarium Commission report emphasised this same call to action, as did President Biden's U.S. Presidential Executive Order on Improving the Nation's Cybersecurity in May 2021, emphasising threat information sharing as a primary theme and signalling to the public and private sectors that still more of this type of collaboration is needed in a timely, immediate, and relevant way.
The report's findings related to the SolarWinds/SUNBURST attack revealed that organisations are urgently turning toward a threat-sharing model.
The attack, according to SolarWinds' own advisory from December 2020 and an initial statement from the United States Cybersecurity and Infrastructure Security Agency in January 2021, affected approximately 18,000 affected public and private sector customers of Solar Winds' Orion product. "A much smaller number have been compromised by follow-on activity on their systems."
In February, Deputy National Security Advisor Anne Neuberger revised the numbers and said that 100 private sector companies and nine federal agencies had been affected.
The report provided an inside look into the financial damage stemming from this widespread supply chain attack.
Among the 85 percent of respondents affected by SolarWinds, nearly one third said their organisation felt a significant financial impact from the attack. In fact, the attack cost affected companies, on average, 11% of their annual revenue.
These findings demonstrate the pressing need for a transformative approach to cybersecurity — an approach that operationalises timely, relevant, and actionable threat sharing among industry peers and with the government.