SolarWinds hires former Trump cybersecurity chief Chris Krebs


The tech company at the center of the biggest hack in recent history has hired Chris Krebs, the fired U.S. government cybersecurity chief, to help deal with the fallout.

SolarWinds, the Texas-based company whose software has been exploited by suspected Russian hackers to spy on governments and businesses around the world, has appointed Mr Krebs as an independent consultant.

Mr Krebs was head of the US cybersecurity agency until November, when he was sacked via Twitter by Donald Trump for disputing allegations that the US presidential election was compromised by fraud.

He will work for SolarWinds to coordinate the company’s crisis response alongside his new business partner Alex Stamos, a professor at Stanford University and former Facebook security chief. The pair told the Financial Times that it could be years before all compromised systems can be made completely secure again.

Mr Krebs said: “This has been a multi-year effort of one of the best and most sophisticated intelligence operations in the world.

“It was only a small part of a much larger plan that is very sophisticated, so I would expect more businesses to have been compromised; more techniques that we haven’t found yet . . . There is so much more to write, I think, in this chapter of Russian cyber intelligence operations.”

Investigators are working to establish the extent and scope of the campaign, with some experts suggesting it could go back years and still be continuing.

SolarWinds said in December that 18,000 of its customers may have been exposed to the hackers, who hijacked one of its popular software products in March. The hackers are believed to have hand-selected specific targets, masquerading as legitimate staff members in their systems to gain access to confidential information stored in the cloud.

The company has been accused of not being open enough about the scale or method of the attack, a criticism that Mr Stamos tacitly acknowledged while praising FireEye, the cybersecurity company that was itself a victim.

“FireEye has been extremely transparent and it has worked really well for them. There was less of that [from] other companies involved, and that means there are some leaks that may or may not be true,” he said.

US intelligence officials this week said they identified “less than 10” compromised federal agencies. The government’s commerce, energy and justice departments confirmed they were targeted. Hackers also snooped on dozens of US Treasury email accounts and gained access to systems used by some of the department’s top officials.

The electronic filing system used by federal courts has also been compromised, the US justice said Thursday.

Microsoft last week said in a blog post that the same hackers had accessed some of the internal source code behind its proprietary software, although they did not modify it or access customer data.

Kicking hackers out of systems can be another battle. Mr Stamos said attackers were likely to have embedded hidden pieces of code that would allow them to continue snooping on agencies and businesses for years to come.

“The metaphor I use is harvesting iron, for Belgian and French farmers in the spring,” he said. “After the rains, they go to their fields and they still find shells from WWI and WWII. That’s what it’s gonna be for a while.”

While Mr Trump played down the idea that Russian hackers are to blame and even pointed the finger at China, US intelligence agencies said the perpetrators were “probably of Russian origin.”

Mr Krebs added that there was “no question” in the intelligence community that Russia’s foreign intelligence service, the SVR, was responsible.

Some members of Congress have called on the United States to retaliate against the perpetrators, but Mr Krebs said that based on what is known about the attack, it fell under the category of espionage, a claim also made by US intelligence agencies.

“The United States has signaled on the world stage, time and again, that this type of behavior is in fact acceptable, so I don’t expect the United States to respond,” Mr Krebs said.

But he added that any escalation on the part of hackers should provoke a “dramatic” and “proportional” response from the US government.

© Financial Times