Cyber Expert Warned SolarWinds In 2017

Uploaded on 2021-01-06 in NEWS-Cybersecurity News, FREE TO VIEW

The SolarWinds breach is much bigger than first believed. The initial estimates were that Russia sent its hacking probes only into a few dozen of the 18,000 government and private networks. 

But after Microsoft dug deeper into the attacks it now appears Russia exploited multiple layers of the supply chain to gain access to as many as 250 networks.

A cyber security expert, Ian Thornton-Trump who worked at SolarWinds, says he warned the management about the possible serious hacking attacks if the company had not improved its internal security. 

Thornton-Trump now works as the chief information security officer at Cyjax and he says he had warned SolarWinds that it was not taking security seriously enough in 2017 when he worked as an adviser for the company. He later resigned from the company in May 2017 after giving a PowerPoint presentation with at least three SolarWinds executives raising his concerns.

In December 2020 a serious cyber attack led by state-backed Russian hackers affected more than 250 US federal agencies and private companies.  The hackers got into government and private networks by inserting malicious code into SolarWinds' premier software product, Orion.  And Solar Winds is believed to be one of several supply chain vendors Russia used in their hacking attacks. 

Current and former employees of SolarWinds suggest it was slow to make security a priority, even as its software was adopted by America’s premier cybersecurity company and federal agencies.

Employees say that this problem arose under Mr. Thompson, an accountant by training and a former CFO as he examined every part of the business for cost savings. Because of Thompson’s methods many security practices were lost because of their expense. His approach helped almost triple SolarWinds’ annual profit margins to more than $453 million in 2019 from $152 million in 2010, placing security at greater risk.

SolarWinds moved much of its engineering to satellite offices in the Czech Republic, Poland and Belarus, where engineers had broad access to the Orion network management software that Russia’s agents compromised.

Other former and current SolarWinds staffers say the company was slow to prioritise security, even when its software was adopted by top cybersecurity companies and federal agencies. SolarWinds only took action on security in 2017 under the threat of penalty from a new European privacy law, when it hired its first chief information officer and brought in a vice president of security architecture.  

While the motive for the attacks is not known, some believe it is a Russia effort to intimidate Washington just weeks before President-elect Biden's inauguration, to gain leverage against the US before forthcoming nuclear arms talks.

Intelligence officials say It could be months, years even, before they understand the breadth of the hacking. Jake Williams, a former hacker for the US National Security Agency (NSA) now president of cyber security firm Rendition Infosec, told reporters that technology companies such as SolarWinds that build and produce computer code often “don’t do security well”.

SolarWinds gained a foothold in the government marketplace many years ago because it was regarded as “idiot proof”, and was the first software of its kind, said Williams. “Orion is to network management systems what Kleenex is to tissue,” he said. “Other products are laughably complex and bad by comparison. It was the first actually easy-to-use network management system, and took off like wildfire as a result.”

Since it was founded in 1999, SolarWinds has  been awarded contracts with the US government worth more than US$230 million. Its software is used by many federal government agencies. The US military, the FBI, the Secret Service, the National Nuclear Security Administration, the Veterans Affairs. the Department of Homeland Security and others.

Bloomberg:     Newsweek:       New York Times:    SCMP:     Daily Mail

You Might Also Read:

The SolarWinds Hack Can Directly Affect Industrial Control Systems:

 

 

« Julian Assange Will Not Face Trial In The US - Yet
Social Media Platforms Block Donald Trump »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cloud53

Cloud53

Clolud53 is a Manchester based Managed Cyber Security & Cloud company providing solutions focused around you.

Spirion

Spirion

Spirion offers data discovery, classification, and protection tools for your business's privacy, security, and compliance program to avoid gaps and risks.

BeOne Development

BeOne Development

BeOne Development provide innovative training and learning solutions for information security and compliance.

Cyber Senate

Cyber Senate

Cyber Senate is dedicated to bringing Operators of Essential Services together with global subject matter experts to address the challenges of evolving cyber threats to critical infrastructure.

Infosistem

Infosistem

Infosistem is a Croatian ICT company with extensive expertise and experience in enterprise and SMB ICT projects and solutions.

Sky Data Vault

Sky Data Vault

Sky Data Vault provide the simplest and most cost effective method of Disaster Recovery / Business Continuity for mission critical systems and applications.

Mosaic 451

Mosaic 451

Mosaic451 is a bespoke IT managed services provider and consultancy specializing in information security, operations and design.

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71)

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71)

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71) is Singapore's first cybersecurity entrepreneur hub.

ShorePoint

ShorePoint

ShorePoint is an elite cybersecurity firm dedicated to improving the cyber resilience of Federal agencies and their missions.

BrandProtections.Online

BrandProtections.Online

BrandProtections.online offer end-to-end customer support solutions to help protect against threats which may affect your brand online.

ExtraHop

ExtraHop

ExtraHop's dynamic cyber defense platform uses cloud-scale AI to help enterprises detect and respond to advanced threats - before they compromise your business.

Sekur Private Data

Sekur Private Data

Sekur Private Data Ltd. is a Cybersecurity and Internet privacy provider of Swiss hosted solutions for secure communications and secure data management.

Jera IT

Jera IT

Jera IT provide fully managed IT support, cybersecurity services, telecoms systems, and IT strategy consultancy to businesses based in Aberdeen and the surrounding area.

Cura Technology

Cura Technology

Cura Technology offers a wide array of security solutions meticulously designed to address specific facets of your security requirements.

DACTA Global

DACTA Global

DACTA was established with the aim of simplifying the perception of complexity surrounding digital security challenges and solutions.

Couno

Couno

Couno is a trusted provider of IT support services throughout the UK and Europe.