Chris Krebs, who was fired by Donald Trump after Krebs insisted that the November 3 election was not rigged. Picture: REUTERS/JONATHAN ERNST
Chris Krebs, who was fired by Donald Trump after Krebs insisted that the November 3 election was not rigged. Picture: REUTERS/JONATHAN ERNST

San Francisco — The company used by hackers as a springboard for the worst-known breach of US government computers in at least five years has hired some of the biggest names in security to help it recover.

SolarWinds, which had backdoored versions of its network-management software go out to thousands of customers, had already hired CrowdStrike Holdings to help it assess the intrusion and protect it.

On Thursday, it hired a new consulting business formed by former US Cybersecurity and Infrastructure Security Agency (Cisa) head Chris Krebs and Alex Stamos, former chief security officer at Facebook.

Krebs was the first leader of US homeland security unit Cisa and led the national effort to keep the 2020 elections safe from hacking and to dispel related misinformation. He was fired by President Donald Trump after he continued to assert the election was not “rigged” and was free from electronic chicanery.

Stamos, an adjunct professor at Stanford, helped co-ordinate a broader effort by academics and nonprofits to rapidly dispel co-ordinated attempts to spread false election-related information. He also was among those brought in to advise on security at fast-growing video-conferencing company Zoom Video Communications after a series of flaws were reported.

Krebs said he planned to fully devote himself to the new business, which will recommend security practices for multiple clients and also combat co-ordinated misinformation.

“There have been successful leaders that embrace cybersecurity but also the community and engagement, and they tend to not just survive in this environment, but thrive,” Krebs said in an interview. “We want to help executives become those leaders. There’s a process that we want to help organisations build.”

SolarWinds’ code has been found inside a half-dozen federal agencies that were then exploited further by hackers said by US officials to have been working for the Russian government, which has denied it.

SolarWinds CEO Sudhakar Ramakrishna, who joined the company this week, said in a blog post that hiring the experts was part of an effort to help transform the company, which has been criticised for poor security.

“We have brought in the expertise of Chris Krebs and Alex Stamos to assist in this review and provide best-in-class guidance on our journey to evolve into an industry-leading secure software development company,” a company spokesperson said.

Stamos said he was not interested in a full-time job in Biden’s administration, and would rather advise part-time with multiple companies either in crisis or hoping to get in better shape before one. “These current Russian attacks have created a new set of companies who now realise they need to be playing at a much higher level.” 

Reuters

Would you like to comment on this article or view other readers' comments?
Register (it’s quick and free) or sign in now.

Speech Bubbles

Please read our Comment Policy before commenting.