Tuesday, 15 December 2020 12:05

Ex-NSA hacker slams SolarWinds over wording of SEC breach filing

By Sam Varghese

Jake Williams: "I strongly suspect that down the road we’ll be using this as a case study in breach PR failures."

Former NSA hacker Jake Williams has criticised the SEC filing made by security firm SolarWinds following the disclosure that the company's Orion network management software had been compromised and used to breach numerous companies in many regions of the globe.

Williams, who now runs his own outfit, Rendition Infosec, said that, to start with, SolarWinds had claimed the breach timeline was limited to the March-June period.

The nature of the compromise was detailed by FireEye chief executive Kevin Mandia on Monday AEDT, less than a week after his own company saw its Red Team tools being pilfered.

As iTWire reported this morning, other researchers have pointed out that SolarWinds' FTP credentials were being leaked on GitHub in November 2019 and that the company was yet to remove the compromised binary from its own website.

However, it had taken care to remove a page from its website that listed its customers, probably fearing that this was not the best time for this kind of marketing.

Said Williams: "I’m not saying they’re wrong. I understand the document is geared to regulators and investors. I’m just saying they’re making a statement on which security folks are basing decisions.

"They need to explain how they are limiting to this timeframe. Show your work. Anything less is valuing share price over customer safety."

Williams, once part of the now disbanded Tailored Access Operations unit at the NSA, America's premier spook agency, said he had spoken to a few organisations who were thinking of staying put because of this specific timeframe declaration.

"Clarity is needed," he insisted. "This smells to me like 'no specific evidence of any other dates where compromise is known'."

Williams said he was also concerned that SolarWinds was calling the incident a vulnerability, rather than a breach as it was.

"This isn’t 'Jake just being pedantic'. Software supply chain attacks are complex and customers are confused. This off-label use of 'vulnerability' isn’t helping," he pointed out.

He also took issue with the fact that SolarWinds had claimed that it was the Orion build process that had been compromised, rather than the source code.

"But they don’t really explain how/why they believe this," said Williams. "I’m left with more questions than answers after reading due to apparent inconsistencies in knowledge required for claims.

"I strongly suspect that down the road we’ll be using this as a case study in breach PR failures. I also suspect we’ll see the SEC revise disclosure requirements in situations like this. Telling investors incredible tales and ignoring customers should be a losing move."

However, he said some latitude should be shown, as the area was something of an uncharted one. "But to give SolarWinds their due, this is a fairly uncharted territory with a publicly traded company being implicated in a supply chain attack, potentially leading to the breach of customers. They’re writing the playbook as they execute it, with no template to draw from," he added.

Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.
