The software company targeted by Russian hackers as part of one of the most wide-ranging cyber-espionage campaigns in recent years has the hired former US government cybersecurity chief Chris Krebs to help recover and learn lessons from the incident.
Hackers breached the network of SolarWinds before planting Sunburst malware into its Orion software update packages. As a result of this supply-chain attack, hackers had access to the networks of around 18,000 SolarWinds customers around the world, including the US government.
Agencies targeted included the Department of State; Department of Homeland Security; National Institutes of Health; the Pentagon; Department of the Treasury; Department of Commerce; and the Department of Energy, including the National Nuclear Security Administration.
SEE: Security Awareness and Training policy (TechRepublic Premium)
Cybersecurity company FireEye was also targeted as part of the espionage campaign as what they described as state-sponsored hackers looked for information on government customers.
The US government has formally blamed Russia for being behind the massive supply-chain attack, the full consequences of which may still not be known.
Now SolarWinds has brought in Chris Krebs, who served as Director of the Cybersecurity and Infrastructure Security Agency (CISA) until November last year when he was fired by Donald Trump. Krebs was fired by Trump via Twitter for debunking the outgoing President's dubious claims about election fraud following his loss to Joe Biden.
Krebs has been hired by SolarWinds as an independent consultant after forming a new business with Stanford University professor and ex-Facebook chief security officer Alex Stamos. The pair will be working with SolarWinds to repair the damage of the attack and improve the company's security.
"Armed with what we have learned of this attack, we are also reflecting on our own security practices and seeking opportunities to enhance our posture and policies," a SolarWinds spokesperson told ZDNet by email.
"We have brought in the expertise of Chris Krebs and Alex Stamos to assist in this review and provide best-in-class guidance on our journey to evolve into an industry-leading secure software development company."
The hiring of Krebs and Stamos comes as SolarWinds president and CEO Sudhakar Ramakrishna – who himself only joined the company this week – outlined plans to learn from the cyberattack.
"We have engaged several leading cybersecurity experts to assist us in this journey and I commit to being transparent with our customers, our government partners, and the general public in both the near-term and long-term about our security enhancements to ensure we maintain what's most important to us – your trust," he wrote in a blog post.
MORE ON CYBERSECURITY
- SolarWinds: The more we learn, the worse it looks
- Microsoft says SolarWinds hackers viewed source code CNET
- How do we stop cyber weapons from getting out of control?
- How to combat future cyberattacks following the SolarWinds breach TechRepublic
- Investigation launched into vulnerabilities found within US Judiciary case file system