According to an email obtained by CNN, the chief executive of US software company SolarWinds said to employees that the firm would 'vigorously defend itself' in the event of legal action by US regulators regarding the firm's handling a massive 2020 hack by alleged Russian hackers.
SolarWinds filed a report with regulators Friday stating that the US Securities and Exchange Commission informed former and current SolarWinds executives of its intention to recommend civil enforcement action, alleging that the company violated federal securities laws through public statements and internal controls.
The US government has promised to correct the cybersecurity and counterintelligence failings that occurred when the hackers, who were allegedly working for the Russian foreign spy service, accessed the unclassified email systems of the Departments of Justice, Homeland Security, and other agencies using SolarWinds.
The SEC's notice indicates that US regulators may be moving towards a civil suit against SolarWinds, which could lead to fines or penalties. The Wells notice is not an official charge or a determination that the defendant has broken the law.
In an email sent to employees, SolarWinds CEO Sudhakar Ramakrishna stated that despite our extraordinary efforts to inform and cooperate with the SEC, the SEC continues to adopt positions which we believe do not match the facts.
SolarWinds will continue to investigate a possible resolution before the SEC takes any final decisions, Ramakrishna stated, adding that SEC's investigation could become a distraction for employees in the next few months.
CNN's Friday night request for comment was not answered by the SEC. The Biden Administration has increasingly adopted regulation to force big software providers and critical-infrastructure firms to improve their cyber practices.
SolarWinds' spokesperson told CNN that the company was cooperating with a lengthy investigation process which appears to be leading to SEC charges against our officers and company. Any potential action would make the industry less safe by reducing disclosure of cyber incidents.
SolarWinds, based in Austin, Texas, maintains it responded appropriately to the hack. Cybersecurity experts have praised its sophistication and scale. Hackers used SolarWinds software and that of other technology companies to penetrate US government agencies and corporations in an apparent spying operation for several months in 2020.
Moscow denies involvement
After the hack was made public, US legislators demanded answers from federal cyber officials about why the hackers went undetected for such a long time. They also criticized SolarWinds' security practices before the hack.
SolarWinds, however, says that it has implemented numerous security reforms over the years following the hack. It has also pushed this message of reform during public appearances with federal officials.
LINK & __LINK__etwork, Inc., a Warner Bros. Discovery Company. Discovery Company.