SolarWinds is getting help on the massive hack that infected its software and spread to thousands of its government and private sector clients. The Texas-based IT software company has hired Chris Krebs, former director of the US Cybersecurity and Infrastructure Security Agency, to consult on the breach.
SolarWinds is currently investigating how hackers penetrated its systems and inserted malicious software into an update to the company’s popular Orion products. Thousands of SolarWinds customers installed the tainted update, and hackers were then able to access their systems. Federal agencies, major tech companies and hospitals were among the organizations targeted by the hackers.
“We have brought in the expertise of Chris Krebs and Alex Stamos to assist in this review and provide best-in-class guidance on our journey to evolve into an industry leading secure software development company,” the company said in a statement. SolarWinds also published a blog post Thursday laying out its plan for addressing the hack going forward.
Krebs, who oversaw election security during the 2020 presidential election and was fired from his post by President Donald Trump in November, has formed a consultancy with former Facebook Chief Security Officer Alex Stamos. At CISA, Krebs ran a government website debunking false claims of election fraud. His firing received backlash from the cybersecurity community and lawmakers.
US intelligence agencies said Tuesday the hack likely originated in Russia. Russia has denied involvement in the hack.