Cyber Expert Warned SolarWinds In 2017

The SolarWinds breach is much bigger than first believed. The initial estimates were that Russia sent its hacking probes only into a few dozen of the 18,000 government and private networks. 

But after Microsoft dug deeper into the attacks it now appears Russia exploited multiple layers of the supply chain to gain access to as many as 250 networks.

A cyber security expert, Ian Thornton-Trump who worked at SolarWinds, says he warned the management about the possible serious hacking attacks if the company had not improved its internal security. 

Thornton-Trump now works as the chief information security officer at Cyjax and he says he had warned SolarWinds that it was not taking security seriously enough in 2017 when he worked as an adviser for the company. He later resigned from the company in May 2017 after giving a PowerPoint presentation with at least three SolarWinds executives raising his concerns.

In December 2020 a serious cyber attack led by state-backed Russian hackers affected more than 250 US federal agencies and private companies.  The hackers got into government and private networks by inserting malicious code into SolarWinds' premier software product, Orion.  And Solar Winds is believed to be one of several supply chain vendors Russia used in their hacking attacks. 

Current and former employees of SolarWinds suggest it was slow to make security a priority, even as its software was adopted by America’s premier cybersecurity company and federal agencies.

Employees say that this problem arose under Mr. Thompson, an accountant by training and a former CFO as he examined every part of the business for cost savings. Because of Thompson’s methods many security practices were lost because of their expense. His approach helped almost triple SolarWinds’ annual profit margins to more than $453 million in 2019 from $152 million in 2010, placing security at greater risk.

SolarWinds moved much of its engineering to satellite offices in the Czech Republic, Poland and Belarus, where engineers had broad access to the Orion network management software that Russia’s agents compromised.

Other former and current SolarWinds staffers say the company was slow to prioritise security, even when its software was adopted by top cybersecurity companies and federal agencies. SolarWinds only took action on security in 2017 under the threat of penalty from a new European privacy law, when it hired its first chief information officer and brought in a vice president of security architecture.  

While the motive for the attacks is not known, some believe it is a Russia effort to intimidate Washington just weeks before President-elect Biden's inauguration, to gain leverage against the US before forthcoming nuclear arms talks.

Intelligence officials say It could be months, years even, before they understand the breadth of the hacking. Jake Williams, a former hacker for the US National Security Agency (NSA) now president of cyber security firm Rendition Infosec, told reporters that technology companies such as SolarWinds that build and produce computer code often “don’t do security well”.

SolarWinds gained a foothold in the government marketplace many years ago because it was regarded as “idiot proof”, and was the first software of its kind, said Williams. “Orion is to network management systems what Kleenex is to tissue,” he said. “Other products are laughably complex and bad by comparison. It was the first actually easy-to-use network management system, and took off like wildfire as a result.”

Since it was founded in 1999, SolarWinds has  been awarded contracts with the US government worth more than US$230 million. Its software is used by many federal government agencies. The US military, the FBI, the Secret Service, the National Nuclear Security Administration, the Veterans Affairs. the Department of Homeland Security and others.

Bloomberg:     Newsweek:       New York Times:    SCMP:     Daily Mail

You Might Also Read:

The SolarWinds Hack Can Directly Affect Industrial Control Systems:

 

 

« Julian Assange Will Not Face Trial In The US - Yet
Social Media Platforms Block Donald Trump »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DNV

DNV

DNV are the independent expert in assurance and risk management. We deliver world-renowned testing, certification and technical advisory services.

IoT Now

IoT Now

IoT Now explores the evolving opportunities and challenges facing CSPs, and we pass on some lessons learned from those who have taken the first steps in next gen IoT services.

PROMIA

PROMIA

PROMIA is in the business of providing solutions that are designed to support highly secure, reliable, scalable and interoperable business applications.

Network Box

Network Box

Network Box is one of the world's leading Managed Security Service Providers.

SaferVPN

SaferVPN

SaferVPN is a Virtual Private Network services provider offering secure encrypted access to the internet.

Gospel Technology

Gospel Technology

Gospel presents a totally new way of accessing and controlling data which is enterprise grade scalable, highly resilient, and secure.

Injazat

Injazat

Injazat Data Systems is an industry recognized market leader in the Gulf region for Information Technology, Data Center and Managed Services.

Microchip Technology

Microchip Technology

Microchip Technology Inc. is a leading provider of smart, connected and secure embedded control solutions.

ShardSecure

ShardSecure

ShardSecure Microshard technology eliminates data sensitivity, providing security, privacy and compliance beyond encryption.

Conseal Security

Conseal Security

Mobile app security testing done well. Conseal Security are specialists in mobile app penetration testing. Our expert-led security analysis quickly finds security vulnerabilities in your apps.

Ibento Global

Ibento Global

Ibento organises the CyberX series of cybersecurity conferences.

Nudge Security

Nudge Security

Nudge Security offer the world's first-ever SaaS security solution to discover shadow IT and curb SaaS sprawl across any device or location and nudges employees towards optimal security behavior.

c0c0n

c0c0n

c0c0n is the longest running conferences in the area of Information Security and Hacking, in India.

DNSFilter

DNSFilter

DNSFilter is the most accurate threat detection and content filtering tool on the market today.

ViCyber

ViCyber

ViCyber is an Australian based company whose mission is to simplify and strengthen cybersecurity for all businesses, irrespective of size.

Core42

Core42

Core42 provides a full-spectrum of AI enablement solutions covering cloud, data, cybersecurity and digital services designed for customer success.