Ian Thornton-Trump Wiki
Ian Thornton-Trump Biography
Ian Thornton-Trump, a former cybersecurity adviser at SolarWinds, said he urged management in 2017 to take a more aggressive approach to its internal security, warning that a cybersecurity episode would be “catastrophic,” according to a New York Times report posted on Saturday.
He said he gave a PowerPoint presentation to three SolarWinds executives urging them to install a senior cybersecurity director because he thought a major breach was inevitable, Bloomberg reported.
When his recommendations were ignored, he left the company a month later.
Employees say the CEO of SolarWinds, which is based in Austin, Texas, reduced security measures to save costs and the company moved several engineering offices to Eastern Europe.
But that move may have made the company vulnerable to breach, as some of the compromised SolarWinds software was designed there and Russian intelligence agents are deeply rooted in that region.
Russia was behind the hacking campaign, although the Kremlin denies it.
Former and current SolarWinds employees say the company was slow to prioritize security, even as its software was adopted by major cybersecurity companies and federal agencies.
SolarWinds only added security in 2017 under the threat of sanctions from a new European privacy law. It then hired its first CIO and a vice president of security architecture.
Security was so lax in part because of cuts by CEO Kevin B. Thompson.
Former and current employees say Thompson, a former accountant and former CFO, eliminated common security practices to save costs, and his approach nearly tripled SolarWinds’ annual profit margins to more than $453 million in 2019 from $152 million in 2010.
But some of those measures may have put the company at risk and put its customers at greater risk of attack.
SolarWinds also moved much of its engineering to satellite offices in the Czech Republic, Poland, and Belarus, where engineers had access to the pirated Orion network management software.
When Thompson was asked whether the company should have detected the breach, he avoided the question. He leaves office after 11 years in command.
The hack, believed to be an operation by Russia’s SVR intelligence service, affected departments of the Treasury, State, Commerce, Energy and parts of the Pentagon, as well as SolarWinds customers such as Cisco Systems and Deloitte.
Three weeks after the attack was flagged, US officials are now struggling to determine how the attack was carried out without raising any alarms.
At least 24 organizations in the US installed the software that had been exploited by hackers, according to a Wall Street Journal analysis of internet logs.
Those infected include: technology companies Cisco Systems Inc., Intel Corp, and Nvidia Corp; accounting firm Deloitte; the software company VMware Inc; electronics manufacturer Belkin International Inc; the California Department of Hospitals; and Kent State University.
Security experts noted that it took days for SolarWinds to stop serving customers compromised code on its websites.
SolarWinds said it was a “victim of a highly sophisticated, complex and targeted cyber attack” and was working with law enforcement and intelligence agencies to investigate.