(Reuters) – The company used by hackers as a springboard for the worst-known hacking of US government computers in at least five years has employed some of the biggest security names to help it recover.
SolarWinds Corp. , which had backdoor versions of its network management software reaching out to thousands of customers, had already hired CrowdStrike Holdings Inc. to help it assess the intrusion and protect it.
On Thursday, it hired a new consulting firm formed by former U.S. Chief of Cyber Security and Infrastructure Security Chris Krebs and Alex Stamos, former security chief of Facebook Inc.
Mr. Krebs was the first leader of the Homeland Security unit CISA and led the national effort to keep the 2020 election safe from hacking and to dispel related misinformation. He was fired by President Donald Trump after he continued to claim that the election was not "rigged" but free from electronic harassment.
President Trump has wrongly claimed that the November 3 election, which he lost to Democrat Joe Biden, was riddled. with fraud.
Mr. Stamos, an adjunct professor at Stanford, helped coordinate a broader effort by academics and nonprofits to quickly dispel coordinated attempts to spread false election-related information. He was also one of those brought in to advise on the security of the fast-growing video conferencing company Zoom Video Communications Inc. after a number of shortcomings were reported.
Mr. Krebs said he planned to focus entirely on the new business, which will recommend security practices for multiple customers and also combat coordinated misinformation.
"There have been successful leaders who embrace cybersecurity but also society and commitment, and they tend to not only survive in this environment but also thrive," Krebs said in an interview. “We want to help managers become these leaders. There is a process we want to help organizations build.
The SolarWinds Code has been found in half a dozen federal agencies, which were then further exploited by hackers who were told by US officials that they had worked for the Russian government, which has been denied.
SolarWind's CEO Sudhakar Ramakrishna, who joined the company this week, said in a blog post that hiring the experts was part of an effort to help transform the company, which has been criticized for poor security.
"We have brought in the expertise of Chris Krebs and Alex Stamo to assist in this review and provide the best-in-class guidance on our journey to evolving into an industry-leading secure software development software," said a company spokesman via email. [1
"These current Russian attacks have created a new set of companies that now realize they need to play at a much higher level," says Stamos. Catalog