Cyber Expert Warned SolarWinds In 2017

The SolarWinds breach is much bigger than first believed. The initial estimates were that Russia sent its hacking probes only into a few dozen of the 18,000 government and private networks. 

But after Microsoft dug deeper into the attacks it now appears Russia exploited multiple layers of the supply chain to gain access to as many as 250 networks.

A cyber security expert, Ian Thornton-Trump who worked at SolarWinds, says he warned the management about the possible serious hacking attacks if the company had not improved its internal security. 

Thornton-Trump now works as the chief information security officer at Cyjax and he says he had warned SolarWinds that it was not taking security seriously enough in 2017 when he worked as an adviser for the company. He later resigned from the company in May 2017 after giving a PowerPoint presentation with at least three SolarWinds executives raising his concerns.

In December 2020 a serious cyber attack led by state-backed Russian hackers affected more than 250 US federal agencies and private companies.  The hackers got into government and private networks by inserting malicious code into SolarWinds' premier software product, Orion.  And Solar Winds is believed to be one of several supply chain vendors Russia used in their hacking attacks. 

Current and former employees of SolarWinds suggest it was slow to make security a priority, even as its software was adopted by America’s premier cybersecurity company and federal agencies.

Employees say that this problem arose under Mr. Thompson, an accountant by training and a former CFO as he examined every part of the business for cost savings. Because of Thompson’s methods many security practices were lost because of their expense. His approach helped almost triple SolarWinds’ annual profit margins to more than $453 million in 2019 from $152 million in 2010, placing security at greater risk.

SolarWinds moved much of its engineering to satellite offices in the Czech Republic, Poland and Belarus, where engineers had broad access to the Orion network management software that Russia’s agents compromised.

Other former and current SolarWinds staffers say the company was slow to prioritise security, even when its software was adopted by top cybersecurity companies and federal agencies. SolarWinds only took action on security in 2017 under the threat of penalty from a new European privacy law, when it hired its first chief information officer and brought in a vice president of security architecture.  

While the motive for the attacks is not known, some believe it is a Russia effort to intimidate Washington just weeks before President-elect Biden's inauguration, to gain leverage against the US before forthcoming nuclear arms talks.

Intelligence officials say It could be months, years even, before they understand the breadth of the hacking. Jake Williams, a former hacker for the US National Security Agency (NSA) now president of cyber security firm Rendition Infosec, told reporters that technology companies such as SolarWinds that build and produce computer code often “don’t do security well”.

SolarWinds gained a foothold in the government marketplace many years ago because it was regarded as “idiot proof”, and was the first software of its kind, said Williams. “Orion is to network management systems what Kleenex is to tissue,” he said. “Other products are laughably complex and bad by comparison. It was the first actually easy-to-use network management system, and took off like wildfire as a result.”

Since it was founded in 1999, SolarWinds has  been awarded contracts with the US government worth more than US$230 million. Its software is used by many federal government agencies. The US military, the FBI, the Secret Service, the National Nuclear Security Administration, the Veterans Affairs. the Department of Homeland Security and others.

Bloomberg:     Newsweek:       New York Times:    SCMP:     Daily Mail

You Might Also Read:

The SolarWinds Hack Can Directly Affect Industrial Control Systems:

 

 

« Julian Assange Will Not Face Trial In The US - Yet
Social Media Platforms Block Donald Trump »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

HANDD Business Solutions

HANDD Business Solutions

HANDD are independent specialists in data protection with expertise at every stage of the Protect, Detect and Respond cycle, from consultancy and design, right through to installation.

Hitachi ID Systems

Hitachi ID Systems

Hitachi ID Systems offers comprehensive identity management and access governance, privileged access management and password management solutions.

KE-CIRT/CC

KE-CIRT/CC

KE-CIRT/CC is the national Computer Incident Response Team for Kenya.

Ceerus

Ceerus

Ceerus was created to simplify the process of deploying and managing security across all the channels in an organisation.

Cybercrime Investigation & Coordinating Center (CICC)

Cybercrime Investigation & Coordinating Center (CICC)

The Cybercrime Investigation and Coordinating Center (CICC) is an attached agency of the Philippines Department of Information and Communications Technology (DICT).

SMESEC

SMESEC

SMESEC is a lightweight Cybersecurity framework for protecting small and medium-sized enterprises (SME) against Cyber threats.

Applied Magnetics Laboratory (AML)

Applied Magnetics Laboratory (AML)

Applied Magnetics Laboratory is a manufacturer of military security and data destruction equipment for sensitive, classified, and secret information.

Technology Ireland ICT Skillnet

Technology Ireland ICT Skillnet

Technology Ireland ICT Skillnet is a network of companies who collaborate to address skills needs within the technology sector.

Get Indemnity

Get Indemnity

Get Indemnity are specialist insurance brokers with experience working on a wide range of innovative business insurance products that combine risk management, indemnity and incident response services.

SecureLogix

SecureLogix

SecureLogix deliver a unified voice network security and call verification solution. Protect against call attacks & fraud.

HancomWITH

HancomWITH

Hancomwith is an information security company. We provide optimized blockchain solutions in areas including next-generation authentication, security and digital asset transaction.

ramsac

ramsac

ramsac provide secure, resilient IT management, cybersecurity, 24 hour support and IT strategy to businesses in London and the South East.

Easy Dynamics

Easy Dynamics

Easy Dynamics is a leading technology services provider with a core focus in Cybersecurity, Cloud Computing, and Information Sharing.

Lumifi

Lumifi

Lumifi provide end-to-end cybersecurity resilience solutions with a specialty in managed detection and response (MDR) services.

Triskele Labs

Triskele Labs

Triskele Labs deliver services including Penetration Testing, Compliance and Risk Management through to 24*7*365 Security Operations and outsourced Cybersecurity Managers.

Health Sector Cybersecurity Coordination Center (HC3)

Health Sector Cybersecurity Coordination Center (HC3)

HC3 was created by the US Department of Health and Human Services to aid in the protection of vital, controlled, healthcare-related information.