The new chief executive officer of SolarWinds has laid out a lengthy roadmap to cyber security recovery in the wake of its major hacking attack.
Sudhakar Ramakrishna joined the network and application monitoring company before the discovery of the supply-chain attack, allegedly at the hands of Cozy Bear, a hacker group linked to the Russian government.
The group is said to have gained access to computer systems belonging to multiple US government departments as far back as last March via SolarWinds’ Orion Platform, its key network and applications monitoring product.
Ramakrishna, formerly the CEO of Pulse Secure, has now set down an extensive security agenda he says will be guided by “humility, ownership, transparency, focused action, and bias towards customer safety”.
The most crucial of the next steps will involve securing SolarWinds’ internal environment through “deploying additional, robust threat protection and threat hunting software” on its network, particularly across developer environments.
The company is currently working with CrowdStrike to get to the root cause of the attack.
Meanwhile, Ramakrishna said the company would be resetting credentials for all users in the corporate and product development domains and for all accounts used in building the Orion Platform.
It will also “consolidate” remote and cloud access avenues for accessing the SolarWinds network and applications by enforcing multi-factor authentication (MFA).
In terms of product development, SolarWinds will now move to a new build environment with “stricter access controls and deploying mechanisms” to allow for reproducible builds from multiple independent pipelines.
Other measures will include additional automated and manual checks to ensure compiled releases match source code; re-signing all Orion Platform software with new digital certificates; and expanding its vulnerability management program.
Penetration testing will become a more regular component of SolarWinds’ cyber strategy, with Ramakrishna vowing to resolve potential issues with urgency.
“We expect these efforts and plans to guide our journey to becoming an even safer and more secure company, and we understand that there is much more work to be done,” he said in the blog post. “In the coming weeks, we will plan to share further plans and programs that we believe will help us achieve that goal.”