Get Permission
Former CISA Director Christopher Krebs at the RSA 2020 conference in San Francisco. (Photo: Mathew J. Schwartz/ISMG)
Embattled software firm SolarWinds is following an increasingly common move for organizations that suffer a serious security failure or data breach: Call in experienced, high-profile crisis experts to advise and help rebuild.
Texas-based SolarWinds has hired Chris Krebs - the former U.S. government cybersecurity czar who was fired by President Donald Trump after he stated that the 2020 election was the most secure in history - to serve as an independent consultant.
As the Financial Times first reported, Krebs now says that he and new business partner Alex Stamos, the former CSO of Facebook, will help SolarWinds with its crisis response.
Get Permission
The FBI, CISA and the ODNI are leading the U.S. government s response to the apparent cyberespionage operation that backdoored the widely used SolarWinds Orion network monitoring software.
American technology giants Cisco and Intel are among the thousands of organizations that have been affected by the supply chain attack targeting software vendor SolarWinds and, by extension, its customers.
The attack campaign, which was first revealed Sunday by FireEye, one of its victims, centers on the Orion network monitoring software from SolarWinds, a technology firm based in Austin, Texas, that until recently had a valuation of about $1 billion.
While SolarWinds may be relatively unknown, the company has 300,000 customers, of which nearly 18,000 may have been caught up in the supply chain attack, which involved attackers adding a backdoor to the company s Orion software, apparently by having infiltrated its software development pipeline (see:
Get Permission
The FBI, CISA and the ODNI are leading the U.S. government s response to the apparent cyberespionage operation that backdoored the widely used SolarWinds Orion network monitoring software.
American technology giants Cisco and Intel are among the thousands of organizations that have been affected by the supply chain attack targeting software vendor SolarWinds and, by extension, its customers.
The attack campaign, which was first revealed Sunday by FireEye, one of its victims, centers on the Orion network monitoring software from SolarWinds, a technology firm based in Austin, Texas, that until recently had a valuation of about $1 billion.
While SolarWinds may be relatively unknown, the company has 300,000 customers, of which nearly 18,000 may have been caught up in the supply chain attack, which involved attackers adding a backdoor to the company s Orion software, apparently by having infiltrated its software development pipeline (see:
Source: U.S. Cybersecurity and Infrastructure Agency s Emergency Directive 21-01
Numerous security alerts have been issued regarding the supply chain attack targeting software vendor SolarWinds and, by extension, its customers.
The full scope of the attack campaign, which was first revealed Sunday by FireEye - one of its victims - remains unclear, as does the complete roster of victims. The U.S. Treasury and Commerce Department have acknowledged they have been affected by these attacks, and on Monday, the Washington Post and Reuters reported that the Department of Homeland Security might have been affected as well. Plus, late Monday news reports said the Department of Homeland Security, State Department and National Institutes of Health were also hit.