SolarWinds Adviser Warned of Lax Security Years Before Massive Hack
A former security adviser at the IT monitoring and network management company SolarWinds Corp. said he warned management of cybersecurity risks and laid out a plan to improve it that was ultimately ignored.
In a 23-page PowerPoint presentation reviewed by Bloomberg News, Ian Thornton-Trump recommended to company executives in 2017 that SolarWinds appoint a senior director of cybersecurity, and said he told them that “the survival of the company depends on an internal commitment to security.”
The following month, he terminated his relationship with the company, saying he believed its leadership wasn’t interested in making changes that would have “meaningful impact.”
Thornton-Trump, as well as a former SolarWinds software engineer who talked to Bloomberg News, said that given the cybersecurity risks at the company, they viewed a major breach as inevitable. Their concerns about SolarWinds are shared by several cybersecurity researchers, who discovered what they described as glaring security lapses at the company, whose software was used in a suspected Russian hacking campaign.
“My belief is that from a security perspective, SolarWinds was an incredibly easy target to hack,” said Thornton-Trump, now the chief information security officer at threat intelligence firm Cyjax Ltd.
Last week, the Austin, Texas-based SolarWinds found itself at the center of the largest cybersecurity attack in recent memory. Suspected Russian hackers breached the internal networks of at least 200 customers, including U.S. government agencies and an as-yet-unknown number of private companies, a cybersecurity firm and people familiar with the investigation told Bloomberg.
In an operation that cybersecurity experts have described as exceedingly sophisticated and hard to detect, the hackers installed malicious code in updates to SolarWinds’s widely used Orion software, which was sent to as many as 18,000 customers.
Subscribe to our YouTube channel: https://bit.ly/2TwO8Gm
Bloomberg Quicktake brings you live global news and original shows spanning business, technology, politics and culture. Make sense of the stories changing your business and your world.
To watch complete coverage on Bloomberg Quicktake 24/7, visit http://www.bloomberg.com/qt/live, or watch on Apple TV, Roku, Samsung Smart TV, Fire TV and Android TV on the Bloomberg app.
Have a story to tell? Fill out this survey for a chance to have it featured on Bloomberg Quicktake: https://cor.us/surveys/27AF30
Connect with us on…
YouTube: https://www.youtube.com/user/Bloomberg
Breaking News on YouTube: https://www.youtube.com/c/BloombergQuickTakeNews
Twitter: https://twitter.com/quicktake
Facebook: https://www.facebook.com/quicktake
Instagram: https://www.instagram.com/quicktake
Видео SolarWinds Adviser Warned of Lax Security Years Before Massive Hack канала Bloomberg Quicktake
In a 23-page PowerPoint presentation reviewed by Bloomberg News, Ian Thornton-Trump recommended to company executives in 2017 that SolarWinds appoint a senior director of cybersecurity, and said he told them that “the survival of the company depends on an internal commitment to security.”
The following month, he terminated his relationship with the company, saying he believed its leadership wasn’t interested in making changes that would have “meaningful impact.”
Thornton-Trump, as well as a former SolarWinds software engineer who talked to Bloomberg News, said that given the cybersecurity risks at the company, they viewed a major breach as inevitable. Their concerns about SolarWinds are shared by several cybersecurity researchers, who discovered what they described as glaring security lapses at the company, whose software was used in a suspected Russian hacking campaign.
“My belief is that from a security perspective, SolarWinds was an incredibly easy target to hack,” said Thornton-Trump, now the chief information security officer at threat intelligence firm Cyjax Ltd.
Last week, the Austin, Texas-based SolarWinds found itself at the center of the largest cybersecurity attack in recent memory. Suspected Russian hackers breached the internal networks of at least 200 customers, including U.S. government agencies and an as-yet-unknown number of private companies, a cybersecurity firm and people familiar with the investigation told Bloomberg.
In an operation that cybersecurity experts have described as exceedingly sophisticated and hard to detect, the hackers installed malicious code in updates to SolarWinds’s widely used Orion software, which was sent to as many as 18,000 customers.
Subscribe to our YouTube channel: https://bit.ly/2TwO8Gm
Bloomberg Quicktake brings you live global news and original shows spanning business, technology, politics and culture. Make sense of the stories changing your business and your world.
To watch complete coverage on Bloomberg Quicktake 24/7, visit http://www.bloomberg.com/qt/live, or watch on Apple TV, Roku, Samsung Smart TV, Fire TV and Android TV on the Bloomberg app.
Have a story to tell? Fill out this survey for a chance to have it featured on Bloomberg Quicktake: https://cor.us/surveys/27AF30
Connect with us on…
YouTube: https://www.youtube.com/user/Bloomberg
Breaking News on YouTube: https://www.youtube.com/c/BloombergQuickTakeNews
Twitter: https://twitter.com/quicktake
Facebook: https://www.facebook.com/quicktake
Instagram: https://www.instagram.com/quicktake
Видео SolarWinds Adviser Warned of Lax Security Years Before Massive Hack канала Bloomberg Quicktake
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Dampening Volatility with an Inflation Sensitive Portfolio | Trillions: ETF Master ChefA Portfolio For "Chili Heads" in the Investment Space | Trillions: ETF Master ChefBitcoin’s Fourth Halving Is Imminent | Presented by CME GroupHow Will ECB Rate Cuts Impact the Dollar? | Presented by CME GroupReimagining Customer RelationshipsWhat the Thames Water Crisis Means For Your BillsThose Ridiculous National Food Days Are Good for Small BusinessBill Withers, Who Sang 'Lean On Me' and 'Ain't No Sunshine,' Dies at 81Is Surprise US Job Growth a Rate-Cut Game Changer? | Presented by CME Group3 Trends in Markets This WeekWill Hot Commodity Prices Delay Fed Rate Cuts? | Presented by CME GroupWhat’s the Outlook for Struggling Small-Cap Stocks? | Presented by CME GroupViral TrashTag Challenge Inspires Mass Garbage CleanupThe New Magic Word for Branding is CollaborationsSurviving Chernobyl: Former Liquidator Tells His Story 30 Years LaterCan Other Sports Replicate F1's Netflix Success?Riding Into The Future with Tarform MotorcyclesThe Circus Using Holograms Instead of Live AnimalsCleaning Up Bolivia's 'Lake of Plastic'Why Companies Are 'Debranding'Transforming Food Waste Into Juice And Craft Gin