Hacking victim SolarWinds hires ex-Homeland Security officialPosted On: Jan. 8, 2021 12:21 PM CST
(Reuters) — The company used by hackers as a springboard for the worst-known breach of U.S. government computers in at least five years has hired some of the biggest names in security to help it recover.
SolarWinds Corp., which had backdoored versions of its network-management software go out to thousands of customers, had already hired CrowdStrike Holdings Inc. to help it assess the intrusion and protect it.
On Thursday, it hired a new consulting business formed by former U.S. Cybersecurity and Infrastructure Security Agency head Chris Krebs and Alex Stamos, former chief security officer at Facebook Inc.
Mr. Krebs was the first leader of Homeland Security unit CISA and led the national effort to keep the 2020 election safe from hacking and to dispel related misinformation. He was fired by President Donald Trump after he continued to assert the election was not “rigged” but free from electronic chicanery.
President Trump has falsely claimed that the Nov. 3 election, which he lost to Democrat Joe Biden, was riddled with fraud.
Mr. Stamos, an adjunct professor at Stanford, helped coordinate a broader effort by academics and nonprofits to rapidly dispel coordinated attempts to spread false election-related information. He also was among those brought in to advise on security at fast-growing video conferencing company Zoom Video Communications Inc. after a series of flaws were reported.
Mr. Krebs said he planned to fully devote himself to the new business, which will recommend security practices for multiple clients and also combat coordinated misinformation.
“There have been successful leaders that embrace cybersecurity but also the community and engagement, and they tend to not just survive in this environment, but thrive,” Mr. Krebs said in an interview. “We want to help executives become those leaders. There’s a process that we want to help organizations build.”
SolarWinds code has been found inside a half-dozen federal agencies that were then exploited further by hackers said by U.S. officials to have been working for the Russian government, which has denied it.
SolarWinds Chief Executive Sudhakar Ramakrishna, who joined the company this week, said in a blog post that hiring the experts was part of an effort to help transform the company, which has been criticized for poor security.
“We have brought in the expertise of Chris Krebs and Alex Stamos to assist in this review and provide best-in-class guidance on our journey to evolve into an industry-leading secure software development company,” a company spokesman said by email.
Mr. Stamos said he was not interested in a full-time job in President-elect Biden’s administration, and would rather advise part-time with multiple companies either in crisis or hoping to get in better shape before one.
“These current Russian attacks have created a new set of companies who now realize they need to be playing at a much higher level,” Mr. Stamos said.