SolarWinds Adviser Warned of Lax Security Years Before Massive Hack
A former security adviser at the IT monitoring and network management company SolarWinds Corp. said he warned management of cybersecurity risks and laid out a plan to improve it that was ultimately ignored.
In a 23-page PowerPoint presentation reviewed by Bloomberg News, Ian Thornton-Trump recommended to company executives in 2017 that SolarWinds appoint a senior director of cybersecurity, and said he told them that “the survival of the company depends on an internal commitment to security.”
The following month, he terminated his relationship with the company, saying he believed its leadership wasn’t interested in making changes that would have “meaningful impact.”
Thornton-Trump, as well as a former SolarWinds software engineer who talked to Bloomberg News, said that given the cybersecurity risks at the company, they viewed a major breach as inevitable. Their concerns about SolarWinds are shared by several cybersecurity researchers, who discovered what they described as glaring security lapses at the company, whose software was used in a suspected Russian hacking campaign.
“My belief is that from a security perspective, SolarWinds was an incredibly easy target to hack,” said Thornton-Trump, now the chief information security officer at threat intelligence firm Cyjax Ltd.
Last week, the Austin, Texas-based SolarWinds found itself at the center of the largest cybersecurity attack in recent memory. Suspected Russian hackers breached the internal networks of at least 200 customers, including U.S. government agencies and an as-yet-unknown number of private companies, a cybersecurity firm and people familiar with the investigation told Bloomberg.
In an operation that cybersecurity experts have described as exceedingly sophisticated and hard to detect, the hackers installed malicious code in updates to SolarWinds’s widely used Orion software, which was sent to as many as 18,000 customers.
Subscribe to our YouTube channel: https://bit.ly/2TwO8Gm
Bloomberg Quicktake brings you live global news and original shows spanning business, technology, politics and culture. Make sense of the stories changing your business and your world.
To watch complete coverage on Bloomberg Quicktake 24/7, visit http://www.bloomberg.com/qt/live, or watch on Apple TV, Roku, Samsung Smart TV, Fire TV and Android TV on the Bloomberg app.
Have a story to tell? Fill out this survey for a chance to have it featured on Bloomberg Quicktake: https://cor.us/surveys/27AF30
Connect with us on…
YouTube: https://www.youtube.com/user/Bloomberg
Breaking News on YouTube: https://www.youtube.com/c/BloombergQuickTakeNews
Twitter: https://twitter.com/quicktake
Facebook: https://www.facebook.com/quicktake
Instagram: https://www.instagram.com/quicktake
Видео SolarWinds Adviser Warned of Lax Security Years Before Massive Hack канала Bloomberg Quicktake
In a 23-page PowerPoint presentation reviewed by Bloomberg News, Ian Thornton-Trump recommended to company executives in 2017 that SolarWinds appoint a senior director of cybersecurity, and said he told them that “the survival of the company depends on an internal commitment to security.”
The following month, he terminated his relationship with the company, saying he believed its leadership wasn’t interested in making changes that would have “meaningful impact.”
Thornton-Trump, as well as a former SolarWinds software engineer who talked to Bloomberg News, said that given the cybersecurity risks at the company, they viewed a major breach as inevitable. Their concerns about SolarWinds are shared by several cybersecurity researchers, who discovered what they described as glaring security lapses at the company, whose software was used in a suspected Russian hacking campaign.
“My belief is that from a security perspective, SolarWinds was an incredibly easy target to hack,” said Thornton-Trump, now the chief information security officer at threat intelligence firm Cyjax Ltd.
Last week, the Austin, Texas-based SolarWinds found itself at the center of the largest cybersecurity attack in recent memory. Suspected Russian hackers breached the internal networks of at least 200 customers, including U.S. government agencies and an as-yet-unknown number of private companies, a cybersecurity firm and people familiar with the investigation told Bloomberg.
In an operation that cybersecurity experts have described as exceedingly sophisticated and hard to detect, the hackers installed malicious code in updates to SolarWinds’s widely used Orion software, which was sent to as many as 18,000 customers.
Subscribe to our YouTube channel: https://bit.ly/2TwO8Gm
Bloomberg Quicktake brings you live global news and original shows spanning business, technology, politics and culture. Make sense of the stories changing your business and your world.
To watch complete coverage on Bloomberg Quicktake 24/7, visit http://www.bloomberg.com/qt/live, or watch on Apple TV, Roku, Samsung Smart TV, Fire TV and Android TV on the Bloomberg app.
Have a story to tell? Fill out this survey for a chance to have it featured on Bloomberg Quicktake: https://cor.us/surveys/27AF30
Connect with us on…
YouTube: https://www.youtube.com/user/Bloomberg
Breaking News on YouTube: https://www.youtube.com/c/BloombergQuickTakeNews
Twitter: https://twitter.com/quicktake
Facebook: https://www.facebook.com/quicktake
Instagram: https://www.instagram.com/quicktake
Видео SolarWinds Adviser Warned of Lax Security Years Before Massive Hack канала Bloomberg Quicktake
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Dampening Volatility with an Inflation Sensitive Portfolio | Trillions: ETF Master Chef
A Portfolio For "Chili Heads" in the Investment Space | Trillions: ETF Master Chef
Bitcoin’s Fourth Halving Is Imminent | Presented by CME Group
How Will ECB Rate Cuts Impact the Dollar? | Presented by CME Group
Reimagining Customer Relationships
What the Thames Water Crisis Means For Your Bills
Those Ridiculous National Food Days Are Good for Small Business
Bill Withers, Who Sang 'Lean On Me' and 'Ain't No Sunshine,' Dies at 81
Is Surprise US Job Growth a Rate-Cut Game Changer? | Presented by CME Group
3 Trends in Markets This Week
Will Hot Commodity Prices Delay Fed Rate Cuts? | Presented by CME Group
What’s the Outlook for Struggling Small-Cap Stocks? | Presented by CME Group
Viral TrashTag Challenge Inspires Mass Garbage Cleanup
The New Magic Word for Branding is Collaborations
Surviving Chernobyl: Former Liquidator Tells His Story 30 Years Later
Can Other Sports Replicate F1's Netflix Success?
Riding Into The Future with Tarform Motorcycles
The Circus Using Holograms Instead of Live Animals
Cleaning Up Bolivia's 'Lake of Plastic'
Why Companies Are 'Debranding'
Transforming Food Waste Into Juice And Craft Gin