Statements cover, for example, Danmarks Nationalbank’s feature articles and opinion pieces published in the media, comments on reports from the Economic Council and comments on political proposals and decisions.

Danmarks Nationalbank’s comments on media reports about SolarWinds

The allegations about Danmarks Nationalbank was hacked and a back door to IT systems was open for 7 months are not correct.


The allegations about Danmarks Nationalbank was hacked and a back door to IT systems was open for 7 months are not correct. Like 18,000 other companies and organisations worldwide Danmarks Nationalbank was exposed to the vulnerabilities in SolarWind's software via its suppliers and subcontractors. In addition, the SolarWinds attack generally affected the financial infrastructure in Denmark.

The relevant systems at Danmarks Nationalbank were quickly contained and analyzed as soon as the compromise of SolarWinds Orion became known. Consistent and swift action was taken in a satisfactory manner.

Danmarks Nationalbank and the bank's suppliers use several tools and methods to monitor, contain and analyse situations where there is a suspicion of compromise. For security reasons, Danmarks Nationalbank cannot specify which tools or methods are used. In addition, in the specific situation, the IT architecture further minimized the risk of compromise. The analyses carried out conclude that Danmarks Nationalbank has not been compromised due to the vulnerabilities in SolarWind's software during the 7 month period until the vulnerability became known throughout the industry. This has also been confirmed by the bank's IT suppliers.