https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
    • MSP 501 Information Center
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
    • MSP 501 Information Center
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Security


Shutterstock

Start slideshow

SolarWinds Hack: More Surprises, Plus Why Heads Didn’t Roll

  • Written by Edward Gately
  • May 19, 2021
That and more news from day three of RSA.

RSA CONFERENCE — The group that carried out the giant SolarWinds hack were already inside the company’s environment in January 2019. That’s much earlier than previously reported.

That’s according to Sudhakar Ramakrishna, SolarWinds’ president and CEO. He talked about the origins and impact of the SolarWinds hack in a keynote Wednesday at the RSA Conference.

It was originally reported that the SolarWinds hack dated back to December 2019. The attack became public in mid-December 2020.

SolarWinds' Sudhakar Ramakrishna

SolarWinds’ Sudhakar Ramakrishna

Ramakrishna said the attackers’ trade craft was “extremely well done and extremely sophisticated.”

And they did “everything possible to hide in plain sight,” he said.

“We were looking for all the usual clues,” Ramakrishna said. “When you go through an investigation, you have a checklist, a set of hypotheses and you try to map things. And in this case, given the amount of time they spent and given the delicateness that they had in their efforts, they were able to cover their fingerprints and their tracks every step of the way.”

Early Reconnaissance

SolarWinds assessed hundreds of terabytes of data and thousands of virtual build systems across its environment, Ramakrishna said.

“They were doing very early reconnaissance activities in January 2019,” he said. “That explains what they were able to do in September-October of 2019.”

SolarWinds began notifying its customers about the breach in mid-December 2020. Early on, the company reported up to 18,000 customers could have been vulnerable to the malicious code used by the attackers; it now says fewer than 100 SolarWinds customers were hacked.

“The most important questions that customers had at that point were, ‘What does it mean to me? And what do you want us to do?” Ramakrishna said. “The team rallied all around and did the very best to touch every single customer possible.”

SolarWinds Hack Prompts More Work with Partners

Nearly six months after the attack was first reported, SolarWinds continues to help its customers deal with the impact, Ramakrishna said.

“A lot of our software runs on premises as well, so it is not instantaneous that everybody updates at the same point in time,” he said. “So it is one customer at a time, essentially one day at a time. And in some cases I’ve told my team, one step at a time. What started off as a reactive measure, we started learning about the incident. We started addressing issues. And one of the foundations of what we’re trying to do is transparency as we enhance the trust that we have with our customers.”

In the aftermath, SolarWinds has worked with its worldwide partners and created the Orion Assistance Program, Ramakrishna said.

“We recognize that not all of our customers may have the internal resources to upgrade or rebuild, or project into the future,” he said. “So what we decided to do is work with our partners and extend support to our customers to essentially provide a pair of hands, in some cases, and technology commitments in other cases. And in many cases work side by side with them as they completed their upgrades. We did this at our cost. We felt it was our responsibility to help the customers get to a safe and stable environment.”

In hindsight, Ramakrishna said the company’s media response should have been stronger.

Scroll through our slideshow above for more of Ramakrishna’s comments – including why he didn’t fire anyone over the incident – and more news from the RSA conference.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.
Tags: MSPs VARs/SIs Analytics Artificial Intelligence Best Practices Channel Chatter Cloud Galleries Intelligence New Products & Services RMM/PSA Security Technologies

Most Recent


  • DartPoints' Jackie Steinberg
    Channel People on the Move: AT&T, HPE, Google Cloud, Comcast, More
    Plus, moves at TBI, Trend Micro, Microsoft, Sandler Partners, Nitel and more.
  • Cloud computing news
    Missed June’s Cloud News? AWS, VMware, HPE, Google Cloud Made Headlines
    In case you’ve been busy (or on much-needed summer break), we’ve collected the biggest news for cloud partners.
  • Cloud computing
    Public Cloud Momentum Pacing Past Forecasts, With AWS, Azure in Lead
    We assess the soaring numbers with the help of Gartner, IDC and Synergy Research.
  • Tape Measure
    How the Cloud Has Changed Measurement for Partners
    Customer success will become the driving metric for partner success in new cloud-centric environment.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Growth plan
    N-able Empower Day 1: How to Grow Your Business
  • Acquisition
    Private Equity Firms Snapping Up ExtraHop in $900 Million Acquisition
  • Top Stories
    Top 20 Stories in May: AWS Leader, Bullies, Michael Dell, SD-WAN Rankings
  • hybrid cloud
    NetApp Focuses on Unified Hybrid Cloud Experience with Latest Updates

Upcoming Events

View all

MSP Summit

September 13, 2022 - September 16, 2022

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Galleries

View all

Channel People on the Move: AT&T, HPE, Google Cloud, Comcast, More

July 5, 2022

Missed June’s Cloud News? AWS, VMware, HPE, Google Cloud Made Headlines

July 5, 2022

Public Cloud Momentum Pacing Past Forecasts, With AWS, Azure in Lead

July 4, 2022

Industry Perspectives

View all

How to Make Embracing Change Part of Your Company Culture

July 1, 2022

How to Differentiate to Leverage 5G’s Revenue Opportunity

June 28, 2022

Why MSPs are Attractive Cyberattack Targets

June 24, 2022

Webinars

View all

VEP Platform for Delivery of uCPE, SD-WAN and SASE

June 29, 2022

The Digital Worker: How to Empower Customers with a Flexible, Scalable VDI Solution to Enable Remote Work

June 30, 2022

Growing Partner Revenue and Customer Satisfaction with Power Management Services

June 23, 2022

White Papers

View all

Work Goes Remote – (and Other Top ITOps Trends)

May 25, 2022

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

Channel Futures TV

View all

Vonage a ‘Single Communications Stack Provider’ for Partners, Customers

IBM, Partners and the $1 Trillion Hybrid Cloud Opportunity

June 26, 2022

Agents Share ‘Secrets,’ Industry Opportunity

May 11, 2022

AT&T, Microsoft, Cisco, ThreatLocker on Unlocking Partner Potential

May 6, 2022

Twitter

ChannelFutures

Distributor @Infinigate to acquire @nuviasgroup to create "pan-European #cybersecurity powerhouse."… twitter.com/i/web/status/1…

July 5, 2022
ChannelFutures

[email protected], @AWSCloud, @VMware, @Azure, @HPE, more, all made big waves in June with respective #cloud news.… twitter.com/i/web/status/1…

July 5, 2022
ChannelFutures

Happy Independence Day 🎇 to our U.S. colleagues, from the #ChannelFutures and #ChannelPartners team to yours! We ho… twitter.com/i/web/status/1…

July 4, 2022
ChannelFutures

#Publiccloud demand is going nowhere. We dive into stats. @AWSCloud @Azure @IDC @Gartner_inc @SRG_Research #cloud… twitter.com/i/web/status/1…

July 4, 2022
ChannelFutures

Partners can bring more value to #customerrelationships with the #customerexperience, says @SAPPartners4U.… twitter.com/i/web/status/1…

July 4, 2022
ChannelFutures

Channel people making waves this week include: @jpdepa3rd, @RiyaShanmugam, @sandyhogan dlvr.it/STCM6S https://t.co/oVB86ztTtP

July 1, 2022
ChannelFutures

#Cybersecurity experts say July 4th weekend ripe for #ransomware, other attacks. @blumirasec @Netenrich @Vectra_AI… twitter.com/i/web/status/1…

July 1, 2022
ChannelFutures

New @PureStorage #ITchannel leader details jump from Veritas. dlvr.it/STBsLB https://t.co/BFSmZ5ubff

July 1, 2022

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X