SolarWinds takes a leaf out of Zoom's book, hires A-Team of Stamos and Krebs to sort out its security woes

The week's other security news


In Brief Embattled and embarrassed network management shop SolarWinds has reportedly hired two of the highest profile security bods in the biz to sort out its woes.

On Friday the news broke that Chris Krebs, formerly the head of the US government's Cybersecurity and Infrastructure Security Agency (CISA) until he was fired by presidential tweet for saying the American election wasn't hacked, has started a consultancy with former Facebook and Yahoo! security chief Alex Stamos. The two say that they have already been hired by SolarWinds and it's a long-term contract.

“This has been a multiyear effort by one of the very best, the most sophisticated intelligence operations in the world," Krebs told the Financial Times.

“It was just one small part of a much larger plan that’s highly sophisticated, so I would be expecting more companies that have been compromised; more techniques that we’re yet to find . . . There’s so much more to be written I think in this chapter of Russian cyber-intelligence operations.”

It's a similar tactic to that used by Zoom when the videoconferencing platform was beset by serious security flaws earlier in the year. In Zoom's case it appears to have worked - while the platform's not perfect it's a lot better than it was.

Russian hacker gets 12 years for cracking US corporates

Self-confessed Russian hacker Andrei Tyurin has been sent down for 12 years in the Big House after admitting hacking some of the world's biggest organizations.

According to the US government Tyurin started his hacking activities in 2007 and used his skills to support illegal gambling operations and personal data theft. A three-year spree in 2012 with accomplices saw them hacking over 100 million customers of J.P. Morgan Chase Bank, E*Trade, Scottrade, and the Wall Street Journal and using the information in pump-and-dump stock scams.

“From his home in Moscow, Andrei Tyurin played a major role in orchestrating and facilitating an international hacking campaign that included one of the largest thefts of US customer data from a single financial institution in history, stealing the personal information of more than 80 million J.P. Morgan Chase customers," said US Attorney Audrey Strauss.

"The conspiracy targeted major financial institutions, brokerage firms, news agencies, and other companies, and netted Tyurin over $19 million in criminal proceeds. Now Tyurin has been sentenced to 12 years in prison for his crimes.”

Hackers crash Japanese industrial giants

It has been a bad few weeks for the secret data in servers of two of Japan's biggest industrial giants.

A few days after Christmas, Kawasaki revealed its servers had been plundered, with breaches in remote offices in Thailand and the US leading to the loss of data from headquarters, leading to the forensic investigation of nearly 30,000 company terminals.

"The unauthorized access in question had been carried out with advanced technology that did not leave a trace," it said in a statement [PDF].

"Since the confirmation of unauthorized access, Kawasaki special project team engaged with an independent external security specialist firm [that] has been investigating and implementing countermeasures. Their investigation confirmed a possibility that information of unknown content may have been leaked to a third party."

Then in the last week Nissan reportedly confirmed that data relating to its in-car software, vehicle logistics systems and mobile apps have been left open on a Git repository that was guarded with the old username and password favourite admin/admin.

Nissan confirmed that no personal information had been stolen but hinted that some source code could have been snaffled. Investigations are continuing.

US creates yet another cybersecurity agency

As the Trump administration prepares to leave office Secretary of State Mike Pompeo has created the Bureau of Cyberspace Security and Emerging Technologies (CSET).

"The CSET bureau will lead US government diplomatic efforts on a wide range of international cyberspace security and emerging technology policy issues that affect U.S. foreign policy and national security, including securing cyberspace and critical technologies, reducing the likelihood of cyber conflict, and prevailing in strategic cyber competition," he said in a statement.

"The Secretary’s decision to establish CSET will permit the Department to posture itself appropriately and engage as effectively as possible with partners and allies on these pressing national security concerns."

Rough translation: Here's a new four-letter agency to bring another layer of Byzantine bureaucracy to American cybersecurity. ®

Similar topics


Other stories you might like

  • Inside the RSAC expo: Buzzword bingo and the bear in the room
    We mingle with the vendors so you don't have to

    RSA Conference Your humble vulture never liked conference expos – even before finding myself on the show floor during a global pandemic. Expo halls are a necessary evil that are predominatly visited to find gifts to bring home to the kids. 

    Do organizations really choose security vendors based on a booth? The whole expo hall idea seems like an outdated business model – for the vendors, anyway. Although the same argument could be made for conferences in general.

    For the most part, all of the executives and security researchers set up shop offsite – either in swanky hotels and shared office space (for the big-wigs) or at charming outdoor chess tables in Yerba Buena Gardens. Many of them said they avoided the expo altogether.

    Continue reading
  • CISA and friends raise alarm on critical flaws in industrial equipment, infrastructure
    Nearly 60 holes found affecting 'more than 30,000' machines worldwide

    Updated Fifty-six vulnerabilities – some deemed critical – have been found in industrial operational technology (OT) systems from ten global manufacturers including Honeywell, Ericsson, Motorola, and Siemens, putting more than 30,000 devices worldwide at risk, according to private security researchers. 

    Some of these vulnerabilities received CVSS severity scores as high as 9.8 out of 10. That is particularly bad, considering these devices are used in critical infrastructure across the oil and gas, chemical, nuclear, power generation and distribution, manufacturing, water treatment and distribution, mining and building and automation industries. 

    The most serious security flaws include remote code execution (RCE) and firmware vulnerabilities. If exploited, these holes could potentially allow miscreants to shut down electrical and water systems, disrupt the food supply, change the ratio of ingredients to result in toxic mixtures, and … OK, you get the idea.

    Continue reading
  • 1Password's Insights tool to help admins monitor users' security practices
    Find the clown who chose 'password' as a password and make things right

    1Password, the Toronto-based maker of the identically named password manager, is adding a security analysis and advice tool called Insights from 1Password to its business-oriented product.

    Available to 1Password Business customers, Insights takes the form of a menu addition to the right-hand column of the application window. Clicking on the "Insights" option presents a dashboard for checking on data breaches, password health, and team usage of 1Password throughout an organization.

    "We designed Insights from 1Password to give IT and security admins broader visibility into potential security risks so businesses improve their understanding of the threats posed by employee behavior, and have clear steps to mitigate those issues," said Jeff Shiner, CEO of 1Password, in a statement.

    Continue reading

Biting the hand that feeds IT © 1998–2022