Ex US CISA Director Chris Krebs & former Facebook CISO Alex Stamos have joined up to create a new consulting group – immediately hired by SolarWinds.
SolarWinds, which has suffered a recent, widescale hack, has called in 2 security heavy weights for help: Former Director of the Cyber-Security & Infrastructure Security Agency (CISA) Chris Krebs, & former Facebook Security Executive Alex Stamos.
Crisis-Response
Texas-based Solar Winds hired the 2 as crisis-response consultants in the aftermath of a cyber-attack, found in Dec., in which the company’s network-management platform was targeted in a huge supply-chain hack. Several high-profile victims were affected – including the US Dept. of Homeland Security (DHS), & the Treasury & Commerce depts.
Krebs is the former (& 1st Director of CISA – appointed in 2018. In Nov., he was axed by the Trump administration in a move that drew huge public criticism from govt. officials & security experts alike.
Stamos is the former Facebook CISO, & the founder of the Stanford Internet Observatory. Stamos over the 12 months has been used by other companies hit by various security scandals – including Zoom, after a huge COVID-19 surge in its user base led to Zoom-bombing cyber-attacks & privacy concerns.
Consulting Business
1st reported by The Financial Times on Thurs., the 2 paired up to launch a cyber-security consulting business, called the Krebs Stamos Group. Says the company’s website, the consulting team works with companies to help them understand the various security risks that they face, as well as their weaknesses, “& the role they play in the security of our wider society.”
“Our concept is simple: help businesses manage cyber-security risk as business risk, making the internet a safer place in the meantime,” commented Krebs on Twitter on Fri.
Smart Hire
Security experts praised SolarWinds’ decision to use the new firm, with security researcher Kevin Beaumont saying on Twitter: “This is a really smart hire.”
The need for security expertise moving forward is essential for SolarWinds as the company continues to face fallout from the hack. This week, the US Dept. of Justice (DoJ) announced that cyber-criminals breached its Office 365 email server as part of the massive hack.
In Dec. it was discovered that an attack using the default password (“SolarWinds123”) of the Solar Winds platform gave attackers a way into its software-updating mechanism.
Combining that with SolarWinds’ deep visibility into customer networks became a “perfect storm” contributing to the widespread success of the attack, researchers have commented. The US Govt. has identified Russia as the “likely” culprit behind this attack.
Foreign Intrusion
On Twitter on Fri., Stamos explained “We have already engaged in helping understand & recover from what looks to be 1 of the most serious foreign intrusion campaigns in history, & we will be helping others learn from this attack.”
SolarWinds CEO Sudhakar Ramakrishna (former CEO of Pulse Secure), who was brought on board before the company was notified of the cyber-attack, observed the company is engaging with industry colleagues, 3rd-party security experts & intelligence agencies worldwide, as part of the investigation.
Statement
“We have engaged several leading cyber-security experts to assist us in this journey & I commit to being transparent with our customers, our govt. partners, & the general public in both the near-term & long-term about our security enhancements to ensure we maintain what’s most important to us – your trust,” Ramakrishna remarked on Thurs.
https://www.cybernewsgroup.co.uk/virtual-conference-january-2021/
