The former CISA director, Chris Krebs, became a consultant for SolarWinds. This comes as a help after the attack infected SolarWinds’ software and spread to important government and private customers.
After the attack, the company hired Krebs to counsult on the breach, together with former Facebook Chief Security Officer, Alex Stamos.
The ex-CISA executive came after the attacks
Krebs should investigate how hackers managed to penetrate company’s system and insert malware into an update of the Orion products. As a result, thousands of clients installed the hacked update. Thus, attackers accessed their systems.
Among the targets, there were major hospitals and also tech companies.
So, the company mentioned that Kribs and Stamos would “assist in this review,” in order to provide the best guidance. This should help the company to become a “secure software development company,” according to SolarWinds.
Also, Sudhakar Ramakrishna, SolarWinds’ CEO, published a blog post in which he explained the approach of the company regarding the hack.
The SolarWinds attack was hard to detect
A group of hackers supposedly affiliated with the Russian government gained access to computers of many US state departments, including the US Treasury and Commerce. The campaign that seems to have started in March triggered an emergency meeting of the US National Security Council on December 12th.
In order to reach their goal, hackers compromised the infrastructure of SolarWinds, which produces Orion – a platform for monitoring network and apps. Afterwards, they produced and distributed the trojanized updates to the software’s users.
The attack worried everyone, as the company serves all branches of the US Military, the Pentagon and the State Department. Also, the top ten US telecom companies and the top five account firms are its customers.
Krebs was fired by President Donald Trump
At CISA, Chris Krebs was in charge to oversee the 2020 US presidential election. He ran a government website which debunked false claims of election fraud.
Because of this, he was fired by President Donald Trump, in November. At that point Krebs formed a consultancy with former Facebook Chief Security Officer, Alex Stamos.
Trump’s decision to fire him came with a very strong negative reaction from both the cybersecurity community and lawmakers.
According to CISA, hackers also used password guessing and password spraying, besides trojanized updates, to breach targets.