Fired Cybersecurity Chief Chris Krebs to Aid SolarWinds with Hack

By | Managed Services News

Jan 08

Chris Krebs was fired because he disputed Trump’s claims of election fraud.

SolarWinds has hired former federal cybersecurity chief Chris Krebs to help with the fallout from its massive hack.

Chris Krebs testifying before Congress in 2020.

Krebs was director of the Cybersecurity and Infrastructure Security Agency (CISA). President Trump fired him because he said there was “no evidence that any voting system deleted or lost votes, changed votes, or was in any way compromised” in the November election.

The former cybersecurity chief has joined SolarWinds along with his business partner, Alex Stamos, former Facebook CSO. Their new firm, Krebs Stamos Group, helps clients build security teams, processes, programs and culture. It also provides advice on decisions during extreme crises.

Sudhakar Ramakrishna is SolarWinds’ CEO.

SolarWinds’ Sudhakar Ramakrishna

“Armed with what we have learned of this attack, we are also reflecting on our own security practices and seeking opportunities to enhance our posture and policies,” he said. “We have brought in the expertise of Chris Krebs and Alex Stamos to assist in this review and provide best-in-class guidance on our journey to evolve into an industry-leading secure software development company.”

In the SolarWinds hack, the malicious hackers inserted Sunburst malware into SolarWinds’ Orion software updates. SolarWinds sent the updates, released between March and June 2020, to nearly 18,000 customers.

This led to security breaches at numerous U.S. government agencies. Specifically, the attackers breached the National Telecommunications and Information Administration (NTIA), the Department of Homeland Security (DHS) and more. The attackers also breached SolarWinds’ corporate clients.

Alex Stamos Highly Regarded

Eric Parizo is principal analyst of Omdia’s cybersecurity operations intelligence service.

Omdia’s Eric Parizo

“The reported hiring of Chris Krebs and former Facebook CSO Alex Stamos by SolarWinds as security consultants is first and foremost a public relations effort, designed to create the appearance that it is taking its supply chain software compromise seriously,” he said.

Krebs, while highly regarded, by trade is an attorney and national security expert, Parizo said. Therefore, he’s unlikely to offer much in the way of hands-on expertise.

“More likely, his legal experience and his connections in the U.S. government may help facilitate smooth communication and accelerate the dissemination of effective remediation information, especially among affected government agencies,” he said.

However, with Stamos, SolarWinds gets “one of the industry’s most highly regarded security leaders,” Parizo said.

“Stamos’ past experiences at Yahoo and Facebook have proven that he can succeed in some of the most challenging circumstances and hostile business environments imaginable, while maintaining a rock-solid ethical compass,” he said.

SolarWinds will ideally allow Stamos to manage the Orion incident, Parizo said. It should also use his expertise to implement a “world-class cybersecurity program based on a rigorous software security life cycle.”

SolarWinds can turn a “public relations nightmare into a huge win for the company and its customers,” he said.
