SolarWinds hires Chris Krebs and Alex Stamos following huge hack

  • SolarWinds is hiring former Homeland Security official Chris Krebs and ex-Facebook security chief Alex Stamos to help shore up its security following its huge hack, which government agencies said was probably “Russian in nature.”
  • Krebs and Stamos both told The Financial Times they expect to uncover a lot more damage done by the hack than has been reported already.
  • Krebs headed up the Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) until November, when he was fired by President Trump.
  • Visit Business Insider’s homepage for more stories.

SolarWinds has hired two of the biggest names in cybersecurity, following the gigantic breach, which meant it acted as the gateway for hackers to penetrate US government systems.

SolarWinds announced on Thursday it was retaining a new security consulting business founded by Chris Krebs, a former Homeland Security cybersecurity official, and ex-Facebook security chief and Stanford University professor Alex Stamos.

The SolarWinds hack was first revealed in December, and likely had been ongoing since at least March. Hackers got into SolarWinds’ systems, which monitor for server outages. From there, were able to get into the systems of US government agencies by putting out malicious code in SolarWind updates. A joint task force of US agencies on Tuesday issued a statement saying the hack was “likely Russian in nature.”

“We have brought in the expertise of Chris Krebs and Alex Stamos to assist in this review and provide best-in-class guidance on our journey to evolve into an industry leading secure software development company,” a company spokesman told Reuters in a statement.

Krebs told The Financial Times it will take years to uncover the full extent of the damage done by the hack.

“This has been a multiyear effort by one of the very best, the most sophisticated intelligence operations in the world. It was just one small part of a much larger plan that’s highly sophisticated, so I would be expecting more companies that have been compromised; more techniques that we’re yet to find […] There’s so much more to be written I think in this chapter of Russian cyber-intelligence operations,” said…