SolarWinds CEO Sudhakar Ramakrishna has called for an end to cyberattack “victim shaming”, which he says contributes to an unwillingness among companies to share vital intelligence.
In an exclusive interview with TechRadar Pro, Ramakrishna spoke about the difficulties his company faced in the aftermath of the infamous hack, which came to light in December 2020.
A central tenet of the SolarWinds response strategy was transparent communication, but Ramakrishna says the inclination to scold cyberattack victims means many companies opt for a more secretive approach.
“There is still a lot of victim shaming that happens, so companies often end up fixing problems without saying anything about them. There is definitely hesitation to speak up,” he told us.
“The idea that an attack could happen to anyone has become more prevalent, but that does not absolve you of the fact that it happened to you. Every company will have a crisis or two, but what matters is how management reacts and how the firm collaborates with third parties.”
Until 2020, SolarWinds was an unknown quantity to many people outside the technology sector. However, the IT monitoring company found itself in a state of crisis when it emerged that cybercriminals had infiltrated its network and injected malware into a software update.
This patch was delivered to many thousands of customers, including government agencies and Fortune 500 businesses, leading to the compromise of hundreds of additional networks and the theft of large quantities of sensitive data.
The supply chain attack has been described as one of the most significant attacks in history, as a result of its scope, sophistication and knock-on effects on the cybersecurity industry.
Although SolarWinds has largely managed to right itself since the attack, with customer retention now returning to pre-attack levels, the incident had severe effects on the company’s bottom line. But there is evidence to suggest the right lessons have not been learned in the wider security community.
Since the SolarWinds attack, a number of similar high-profile cybersecurity events have taken place: the Kaseya attack, Log4j and the recent Okta-Lapsus$ incident.
Asked why supply chain attacks continue to occur, Ramakrishna told us that the nature of the security industry hands an advantage to the attacker.
“This is not just a technology issue, there’s a lot more to it,” he said. “Each one of us is defending against an attacker. But on one side is a coordinated army with a singular purpose, to attack, and on the other is a set of fragmented soldiers.”
“In the event of an incident, it’s important to leverage help from the community. We need to make people aware of issues faster; that mindset needs to establish itself in software security.”
A write-up of TechRadar Pro’s full conversation with Ramakrishna will be published in the coming weeks.