SAN FRANCISCO (Reuters): The company that hackers use as a springboard for the worst known breach of U.S. government equipment in at least five years has hired some of the big security names to help it recover if.
SolarWinds Corp., which had backdoored versions of its network management software for thousands of customers, had already hired CrowdStrike Holdings Inc. to help it assess intrusion and protect it in the future.
On Thursday, he hired a new consulting business consisting of former U.S. Cyber Security and Infrastructure Security Agency chief Chris Krebs and Alex Stamos, former head of security at Facebook Inc.
Krebs was the first leader of the CISA national security unit and led the national effort to keep the 2020 elections safe from piracy and dispel related misinformation. He was fired by President Donald Trump after he continued to claim that the election was not “called,” but was free of electronic traps.
Trump has falsely claimed that the Nov. 3 election, which he lost to Democrat Joe Biden, was riddled with fraud.
Stamos, an adjunct professor at Stanford, helped coordinate a broader effort by academics and nonprofits to quickly dispel coordinated attempts to disseminate election-related false information. He was also one of those who led to advise on security to the fast-growing video conferencing company Zoom Video Communications Inc. after reporting a number of bugs.
Krebs said he planned to devote himself fully to the new business, which will recommend security practices for various clients and also combat coordinated misinformation.
“There have been successful leaders who embrace cybersecurity, but also community and engagement, and they don’t usually survive in that environment, they thrive,” Krebs said in an interview. “We want to help executives become these leaders. There is a process we want to help organizations build. ”
The SolarWinds code has been found within half a dozen federal agencies that were later exploited by hackers according to U.S. officials who had been working for the Russian government, which has denied it.
SolarWinds chief executive Sudhakar Ramakrishna, who joined the company this week, said in a blog post that hiring experts was part of an effort to help transform the company, which has been criticized. for its low security.
“We have brought the experience of Chris Krebs and Alex Stamos to assist in this review and provide the best guidance on our journey to evolve into a leading company in secure software development in the industry,” said a spokesman for the company by email.
Stamos said he was not interested in a full-time job at the Biden administration and would prefer to advise part-time with several companies, either in crisis or hoping to get in better shape than one.
“These current Russian attacks have created a new set of companies that now realize they need to play at a much higher level,” Stamos said.
Reports by Joseph Menn; Additional reports by Kanishka Singh; Edited by Peter Cooney