The resources below relate to recent cybersecurity attacks and related issues. The Department of Financial Institutions urges all regulated entities and individuals to stay abreast of developments related to these attacks and any implications they may have for your business. DFI will update this page as new resources become available.

Last Updated Feb. 11, 2021

Kentucky Department of Financial Institutions

• Jan. 13, 2021 – DFI Reminds Firms to Contact Regulators with Issues Related to SolarWinds Breach
  

Cyber Unified Coordination Group

• Jan. 5, 2021 – Joint Statement by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI)
• Dec. 16, 2020 – Joint Statement by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI)
  

U.S. Cybersecurity & Infrastructure Security Agency (CISA)

• Supply Chain Compromise
  
• Feb. 8, 2021 – Malware Analysis Report (AR21-039B) – MAR-103201115-1.v1 - TEARDROP
  
• Feb. 8, 2021 – Malware Analysis Report (AR21-039A) – MAR-10318845-1.v1 - SUNBURST
• Jan. 27, 2021 – Malware Analysis Report (AR21-021-027A) – MAR-10319053-1.v1 - Supernova
  
• Jan. 8, 2021 – Alert (AA21-008A) Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments
• Revised Jan. 7, 2021 | Original Dec. 17, 2021 – Alert (AA20-352A) Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations
  
• Revised Jan. 6, 2021 | Original Dec. 13, 2020 – CISA Issues Emergency Directive to Mitigate the Compromise of Solarwinds Orion Network Management Products
• Dec. 2020 What Every Leader Needs to Know about the Ongoing APT Cyber Activity

National Security Agency (NSA)

• Dec. 17, 2020 – NSA Cybersecurity Advisory: Malicious Actors Abuse Authentication Mechanisms to Access Cloud Resources
  • Infographic
  • Abridged Version
  • Full Advisory

SolarWinds

• SolarWinds Security Advisory
  

Microsoft Security Response Center

• Updated Feb. 5, 2021 – Solorigate Resource Center
  
• Revised Dec. 21, 2020 | Original Dec. 13, 2020 – Customer Guidance on Recent Nation-State Cyber Attacks
• Dec. 13, 2020 – Important Steps for Customers to Protect Themselves from Recent Nation-State Cyberattacks

FireEye

• UNC2452 and Sunburst Resource Center
• Dec. 13, 2020 – Threat Research: Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor