Private Capital
March 2, 2021

Carrier Response to SolarWinds Breach

New research into the malware that caused a mega-breach at SolarWinds shows the perpetrators spent months inside the company's software development labs before their attack. During this time they inserted malicious code into updates that SolarWinds then shipped to thousands of customers. The research suggests that this technique could be repurposed against many other major software providers. Because of this, some insurance companies are adding a Government Shutdown Endorsement on all policies due to concerns that the government will force a shutdown of an Insured’s system due to a malware breach.

Carriers have begun to ask the following questions and increase rates/premiums by 20% - 40%.

  1. Do you currently run a version of SolarWinds ORION vulnerable to the SUNBURST or SUPERNOVA backdoors?
  2. Explain what steps you’ve taken to isolate SolarWinds ORION backdoor risk(s).
  3. Have you at any time run a version of SolarWinds ORION vulnerable to the SUNBURST or SUPERNOVA backdoors?
  4. What measures have you taken to investigate the potential malicious activity in your system?
  5. Do you currently have any evidence of malicious activity as a result of this vulnerability in your system?