Software provider SolarWinds, which was breached in a suspected Russian hacking campaign against U.S. companies and federal agencies, has hired former senior U.S. cybersecurity official Chris Krebs and former Facebook security chief Alex Stamos to help respond to the hack and improve its security practices.
Krebs and Stamos will work as consultants for Texas-based SolarWinds as it continues to deal with the fallout of a hacking operation that has roiled Washington and is considered one of the more significant cyber-espionage campaigns against U.S. agencies in years.
“Armed with what we have learned of this attack, we are also reflecting on our own security practices and seeking opportunities to enhance our posture and policies,” SolarWinds said in a statement. “We have brought in the expertise of Chris Krebs and Alex Stamos to assist in this review and provide best-in-class guidance on our journey to evolve into an industry leading secure software development company.”
The hacking incident saw SolarWinds send malware-laced software to some 18,000 customers, though the actual targets of the espionage operation appear to be much more limited. U.S. investigators say less than 10 federal agencies have been breached, including the departments of Commerce, Energy and Justice.
Financial Times first reported on SolarWinds’ hiring of Krebs and Stamos.
Both Krebs and Stamos have experience responding to advanced Russian hacking activity. Krebs, a former Microsoft executive, served as head of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) until President Donald Trump fired him in November for declaring the 2020 U.S. election secure. Stamos was a security executive at Yahoo in 2014 when alleged Russian hackers compromised some 500 million Yahoo user accounts. Stamos was also Facebook’s security chief during the 2016 U.S. elections, when Russian operatives used the platform to spread disinformation.
Krebs and Stamos have also started a consulting firm to help organizations recover from security breaches.
U.S. federal agencies have said the espionage operation involving SolarWinds, among other attack vectors, is “likely Russian in origin” in a statement that was reportedly watered down by the White House. Russia has denied involvement in the hacking operation.
President-elect Joe Biden has called for a strong response to the SolarWinds compromises, and has vowed to get to the bottom of the extent to which federal agencies were breached.
Neither Krebs nor Stamos responded to a request for comment.