‘I lost 25 pounds in 20 days’: what it’s like to be on the frontline of a global cyber-attack
The security chief of SolarWinds reflects on the Russian hack that exposed US government agencies – and the heart attack he suffered in the aftermathTim Brown will remember 12 December 2020 for ever.It was the day the software company SolarWinds was notified it had been hacked by Russia.Brown, the chief information security officer at SolarWinds, immediately understood the implications: any of the company’s more than 300,000 global clients could be affected too.The exploit allowed the hackers remote access to the systems of customers that had installed SolarWinds’ network software Orion, including the US treasury department, the US department of commerce’s National Telecommunications and Information Administration, along with thousands of companies and public institutions.Brown says he was “running on adrenaline” in the first few days after the attack.
It was during the early stages of the Covid pandemic when full-time work-from-home was the norm, but the company’s email was compromised and couldn’t be used to communicate with staff,“We gave up on the phones and just everybody came into the office and we got Covid testing,” Brown says,“I lost 25 pounds in about 20 days … just going, going, going,”He appeared on CNN and 60 Minutes, and in every major newspaper,“The world’s on fire.
You’re trying to get information out and trying to have people understand what’s safe and what’s not safe.”The company switched to Proton email and Signal while its email was compromised, Brown says.He was taking calls from companies and government agencies across the globe, including the US army and the Covid vaccine program Operation Warp Speed.“You get the world wanting verbal communication not written communication.And that is a kind of an important lesson: you can write things down, but they want to talk to the [chief information security officer],” says Brown, who spoke at Melbourne’s CyberCon on Friday.
“They want to be able to hear colour around the outside of it, so very important to be prepared for that kind of response.”The notification about the hack came in a phone call from Kevin Mandia, the founder of the cybersecurity firm Mandiant, to SolarWinds’ then CEO Kevin Thompson.Mandia told Thompson that SolarWinds had “shipped tainted code” to its Orion software, which helps organisations monitor outages on their computer networks and servers.The exploit in Orion was being used to attack government agencies, Mandia told Thompson.“We could see in that code [it] was not ours, so when we got that, it was ‘all right, this is real’,” Brown recalls.
The Texas-based SolarWinds determined that 18,000 people had downloaded the tainted product, which the hackers, later attributed to the Russian Foreign Intelligence Service, were able to insert into Orion in the build environment where source code is turned into software.The news broke on the Sunday.SolarWinds notified the stock market before it opened on Monday.The original estimate that up to 18,000 clients could be affected was later revised down to about 100 government agencies and companies that actually were.“It would have been nice to know that on day one, but that was the truth of the matter, right?” Brown says.
“We weren’t really the target,We were just a route to the target,”SolarWinds called in CrowdStrike, KPMG and the law firm DLA Piper to deal with the response and investigation,SolarWinds stopped work on new features for the next six months and its team of 400 engineers focused on systems and security to get the company back on its feet,“We really took transparency to heart – how can we make sure people realise [what] threat actor models [are out there], what they do, how they do reconnaissance, how they then do an attack [and] how they then leave.
”Brown says the company’s customer renewal rate fell into the 80% range in the first few months after the incident, but has since returned to more than 98%.But then came the legal implications.The Biden administration imposed sanctions and expelled Russian diplomats in 2021, partly in response to the attack.SolarWinds settled a class action lawsuit over the attack in 2022 for US$26m.The Securities and Exchange Commission (SEC) then filed a lawsuit against SolarWinds and Brown personally in October 2023, accusing the company and Brown of misleading investors over its claims about cybersecurity protections, and failing to disclose known vulnerabilities.
Brown was in Zurich when he found out he was being charged.“When I walked up a hill, I would lose my breath.My arms would get heavy, my chest would get tight.I was just not getting enough oxygen,” he says.“I did a silly thing.
I flew home … I couldn’t walk from the terminal to my car without stopping,That’s a walk I had done thousand of times,”He was having a heart attack,When he got home, his wife took him to the hospital, where he underwent surgery,He has since recovered.
“Stress keeps building up and I thought I was managing it well and I didn’t proactively go to a doctor,” he says,Brown says he now advocates for companies going through similar incidents to employ psychiatrists to help staff process the stress,“The stress level was pumped up, and then it just went over the edge, but stress was building up all the time,”A confidential jointly proposed settlement with the SEC was announced in July, but has yet to be approved,The US government shutdown has delayed the finalisation of the agreement.
Brown has remained with SolarWinds throughout the process.“It happened on my watch, that’s how I look at it.There are reasons why it occurred, nation state attack, et cetera, but still it happened on my watch,” he says.“I guess I’m stubborn.But it was just very important for us to get through this whole cycle, so leaving wasn’t an option until it was done.
”
French customs reject British shellfish shipments after UK ‘reset’ deal with EU
One of Britain’s largest mussel exporters has suffered a £150,000 loss, after three of its shipments to the EU were rejected in recent weeks by French customs.Family-run business Offshore Shellfish, based in Devon, has continued exporting blue mussels to its European customers since Brexit, despite the administrative burden and onerous paperwork requirements.However, the past month has seen three out of four lorries prevented from entering the EU by customs officials at the port of Boulogne-sur-Mer for various reasons, which the company’s commercial director Sarah Holmyard called “subjective and inconsistent”.“We have sent hundreds and hundreds of loads since Brexit. We’ve never had a single one rejected,” Holmyard told the Guardian
If you like a lot of chocolate on your biscuit … look away now
If you like a lot of chocolate on your biscuit you can no longer join our Club or pick up a Penguin, as the lunchbox favourites have reduced the amount of cocoa in their recipe so much they are now only “chocolate flavour”.The two snacks, both made by McVitie’s, changed their recipes earlier this year amid soaring cocoa prices – which have prompted manufacturers to try a number of different tactics to keep prices down.Club and Penguin can no longer be described as chocolate biscuits as they contain more palm oil and shea oil than cocoa, as first reported by the trade journal The Grocer.“We made some changes to McVitie’s Penguin and Club earlier this year, where we are using a chocolate flavour coating with cocoa mass, rather than a chocolate coating. Sensory testing with consumers shows the new coatings deliver the same great taste as the originals,” the McVitie’s owner, Pladis, said in a statement
The platform exposing exactly how much copyrighted art is used by AI tools
Ask Google’s AI video tool to create a film of a time-travelling doctor who flies around in a blue British phone booth and the result, unsurprisingly, resembles Doctor Who.And if you ask OpenAI’s technology to do the same, a similar thing happens. What’s wrong with that, you may think?The answer could be one of the biggest issues AI chiefs face as their era-defining technology becomes ever more ubiquitous in our lives.Google and OpenAI’s generative artificial intelligence is supposed to be just that – generative, meaning it develops novel answers to our questions. Ask it for a time-travelling doctor, you get one that their systems have created
Are we living in a golden age of stupidity?
From brain-rotting videos to AI creep, every technological advance seems to make it harder to work, remember, think and function independently …Step into the Massachusetts Institute of Technology (MIT) Media Lab in Cambridge, US, and the future feels a little closer. Glass cabinets display prototypes of weird and wonderful creations, from tiny desktop robots to a surrealist sculpture created by an AI model prompted to design a tea set made from body parts. In the lobby, an AI waste-sorting assistant named Oscar can tell you where to put your used coffee cup. Five floors up, research scientist Nataliya Kosmyna has been working on wearable brain-computer interfaces she hopes will one day enable people who cannot speak, due to neurodegenerative diseases such as amyotrophic lateral sclerosis, to communicate using their minds.Kosmyna spends a lot of her time reading and analysing people’s brain states
‘Those final few hours were brutal’: British duo end epic journey in Australia after rowing across Pacific Ocean
One more day. One more day up and down the pitiless slide. One more day of blistered hands gripping unforgiving oars.But after more than 8,000 nautical miles (15,000km) at sea – an epic five-and-a-half-month journey across the Pacific that included close encounters with whales, failing beacons and chocolate shortages – the sea had one more challenge.A gusting 20-knot wind off Cairns kept pushing Jess Rowe and Miriam Payne’s tiny rowboat, the Velocity, from the terra firma that was now achingly close
Champions Day horse racing at Ascot: shock winners at 200-1 and 100-1 – as it happened
Greg Wood’s report from AscotChampions Day pain for puntersAll eyes were on the Champions Stakes ahead of Champions Day at Ascot and while Calandagan was a worthy winner and may have put up the Flat racing performance of the season it was the big-priced winners on the day who made the headlines with Powerful Glory, at 200-1, and Cicero’s Gift, at 100-1, pulling off almighty shocks on a day when the racegoers flocked to the track to supposedly crown “champions”.With the ground riding fast after a prolonged dry spell this was not what was supposed to be expected. However, those sorts of results can come at the end of a long season and is partly the reason why Champions Day doesn’t always prove to be the day when the best come to the fore. Good night for now – we’ll be back with a live blog on Boxing Day as the focus now turns to jump racing.1 Crown Of Oaks 5/1 2 Ebt’s Guard 10/1 3 Holloway Boy 16/1 4 Shout 6/14
Rachel Roddy’s recipe for baked leek and egg gratin | A kitchen in Rome
How to turn scallop roe into a delectable butter – recipe | Waste not
Nicola Lamb’s recipes for toffee apple pie and apple crumb loaf
That won’t wash: should you rinse your mushrooms?
Thomasina Miers’ recipes for mushroom linguine with chard, and poached pears with spiced hazelnut crumble
Rukmini Iyer’s quick and easy recipe for lime dal with roast squash and chilli cashews | Quick and easy