In a new wrinkle in the SolarWinds saga, which is still unfolding, it appears that some of the company’s major investors sold about $ 280 million in shares a few days before the news of its role in a abast. federal cyberattack was made public.
This is according to a new one Washington Post Report which specifically calls for two investment companies:Silver Lake i Thoma Bravo—That together they own a huge 70% of all SolarWind shares and controlled six of the company’s board of directors. The two companies sold $ 158 million and $ 128 million in shares, respectively, on December 7, six days before SolarWinds revealed that some of its control products were undergoing a “highly sophisticated” attack at the hands of an unnamed nation-state.
Interestingly, those sales also happened a few days before the company’s long-term CEO, Kevin Thompson, announced his resignation after nearly ten years with the company.
The sequence of events could raise eyebrows among application officers, given how SolarWinds actions worked took a fall approximately 22% immediately after the infringement. Jacob S. Frenkel, a former senior SEC attorney who told The Post, major transactions before any major announcement, such as a change of leadership or the disclosure of a major infraction, is “a formula for an investigation into privileged operations “. An investigation like this could take up to a year, he added.
Just to briefly review how SolarWinds ended up in the cyber focus: on December 8, the cybersecurity firm FireEye revealed who had been the victim of a cyberattack that, as CEO Kevin Mandia told a blog post at the time, it ultimately resulted in the company hijacking some high-profile piracy tools. Mandia did not publicly speculate on who was behind the attack, but White House officials have pointed to Russian intelligence agencies as a possible culprit, according to separate reports from The mail i The times.
G / O Media may receive a commission
Ultimately, the attack was located at a back door built into Orion, an IT management platform that SolarWinds produces, which some industry sources he told the Wall Street Journal formed the foundational “plumbing” for an incalculable number of companies. In a presentation with the SEC, SolarWinds claimed to have earned approximately $ 343 million in the first nine months of this year with its myriad of Orion products. In total, it accounted for about 45% of the company’s revenue during this period.
After the attack, SolarWinds disclosed that of the 33,000 users of the Orion platform, “less than 18,000” downloaded an update during the months of March and June of this year that came surreptitiously packaged with malware, according to the company. Aside from FireEye, Reuters later reported that the SolarWinds backdoor was used to breach systems belonging to the Department of Homeland Security, Finance and Commerce, among others.
On the same day that SolarWinds published its disclosure, the Cybersecurity and Infrastructure Agency (CISA) of the Department of Homeland Security (CISA) issued a emergency directive stating that this commitment entailed “unacceptable risks” to the overall security of federal networks.
In a joint statement to The Post, representatives from both Silver Lake and Thomas Bravo said the stock sales were the result of a “private placement” with a single investor and that neither was aware of the imminent cyber attack before entering into this agreement. We’ve contacted SolarWinds for feedback and we’ll update here when we find out again.