‘I lost 25 pounds in 20 days’: what it’s like to be on the frontline of a global cyber-attack
The security chief of SolarWinds reflects on the Russian hack that exposed US government agencies – and the heart attack he suffered in the aftermathTim Brown will remember 12 December 2020 for ever,It was the day the software company SolarWinds was notified it had been hacked by Russia,Brown, the chief information security officer at SolarWinds, immediately understood the implications: any of the company’s more than 300,000 global clients could be affected too,The exploit allowed the hackers remote access to the systems of customers that had installed SolarWinds’ network software Orion, including the US treasury department, the US department of commerce’s National Telecommunications and Information Administration, along with thousands of companies and public institutions,Brown says he was “running on adrenaline” in the first few days after the attack.
It was during the early stages of the Covid pandemic when full-time work-from-home was the norm, but the company’s email was compromised and couldn’t be used to communicate with staff.“We gave up on the phones and just everybody came into the office and we got Covid testing,” Brown says.“I lost 25 pounds in about 20 days … just going, going, going.”He appeared on CNN and 60 Minutes, and in every major newspaper.“The world’s on fire.
You’re trying to get information out and trying to have people understand what’s safe and what’s not safe.”The company switched to Proton email and Signal while its email was compromised, Brown says.He was taking calls from companies and government agencies across the globe, including the US army and the Covid vaccine program Operation Warp Speed.“You get the world wanting verbal communication not written communication.And that is a kind of an important lesson: you can write things down, but they want to talk to the [chief information security officer],” says Brown, who spoke at Melbourne’s CyberCon on Friday.
“They want to be able to hear colour around the outside of it, so very important to be prepared for that kind of response.”The notification about the hack came in a phone call from Kevin Mandia, the founder of the cybersecurity firm Mandiant, to SolarWinds’ then CEO Kevin Thompson.Mandia told Thompson that SolarWinds had “shipped tainted code” to its Orion software, which helps organisations monitor outages on their computer networks and servers.The exploit in Orion was being used to attack government agencies, Mandia told Thompson.“We could see in that code [it] was not ours, so when we got that, it was ‘all right, this is real’,” Brown recalls.
The Texas-based SolarWinds determined that 18,000 people had downloaded the tainted product, which the hackers, later attributed to the Russian Foreign Intelligence Service, were able to insert into Orion in the build environment where source code is turned into software.The news broke on the Sunday.SolarWinds notified the stock market before it opened on Monday.The original estimate that up to 18,000 clients could be affected was later revised down to about 100 government agencies and companies that actually were.“It would have been nice to know that on day one, but that was the truth of the matter, right?” Brown says.
“We weren’t really the target.We were just a route to the target.”SolarWinds called in CrowdStrike, KPMG and the law firm DLA Piper to deal with the response and investigation.SolarWinds stopped work on new features for the next six months and its team of 400 engineers focused on systems and security to get the company back on its feet.“We really took transparency to heart – how can we make sure people realise [what] threat actor models [are out there], what they do, how they do reconnaissance, how they then do an attack [and] how they then leave.
”Brown says the company’s customer renewal rate fell into the 80% range in the first few months after the incident, but has since returned to more than 98%.But then came the legal implications.The Biden administration imposed sanctions and expelled Russian diplomats in 2021, partly in response to the attack.SolarWinds settled a class action lawsuit over the attack in 2022 for US$26m.The Securities and Exchange Commission (SEC) then filed a lawsuit against SolarWinds and Brown personally in October 2023, accusing the company and Brown of misleading investors over its claims about cybersecurity protections, and failing to disclose known vulnerabilities.
Brown was in Zurich when he found out he was being charged.“When I walked up a hill, I would lose my breath.My arms would get heavy, my chest would get tight.I was just not getting enough oxygen,” he says.“I did a silly thing.
I flew home … I couldn’t walk from the terminal to my car without stopping,That’s a walk I had done thousand of times,”He was having a heart attack,When he got home, his wife took him to the hospital, where he underwent surgery,He has since recovered.
“Stress keeps building up and I thought I was managing it well and I didn’t proactively go to a doctor,” he says.Brown says he now advocates for companies going through similar incidents to employ psychiatrists to help staff process the stress.“The stress level was pumped up, and then it just went over the edge, but stress was building up all the time.”A confidential jointly proposed settlement with the SEC was announced in July, but has yet to be approved.The US government shutdown has delayed the finalisation of the agreement.
Brown has remained with SolarWinds throughout the process,“It happened on my watch, that’s how I look at it,There are reasons why it occurred, nation state attack, et cetera, but still it happened on my watch,” he says,“I guess I’m stubborn,But it was just very important for us to get through this whole cycle, so leaving wasn’t an option until it was done.
”
‘I wish I had taken part sooner’: how a medical trial transformed a young person’s life
Millions of young people risk missing out on new treatments for health conditions and having to use medicines that are unsafe, ineffective or inappropriate because so few take part in medical research. One of those bucking the trend explains why he signed up to a study and how it transformed his life.Gulliver Waite was diagnosed with clinical depression at 19. For years, he struggled with extremely low mood, anxiety, frequent panic attacks and occasional paranoia.“I put everything I could into working because it was basically all I could do,” he says
Millions exploited by ‘menopause gold rush’ amid lack of reliable information, say UK experts
Millions of women are being exploited by a “menopause gold rush” as companies, celebrities and influencers take advantage of a “dearth” of reliable information on the issue, experts have said.Healthcare companies and content creators saw menopause as a “lucrative market” and were trying to profit from gaps in public knowledge, women’s health academics at University College London (UCL) said.Researchers called for the rollout of a national education programme after finding a significant number of women do not feel well-informed about menopause.Writing in the medical journal Post Reproductive Health, they said: “There has been a rapid expansion in unregulated private companies and individuals providing menopause information and support for profit; this has been termed the ‘menopause gold rush’.“This fragmented landscape of menopause support and education leaves people vulnerable to financial exploitation, may propagate misinformation and is likely to amplify existing menopause-related health inequities
Don’t cut London’s affordable housing quotas, Labour MPs urge ministers and mayor
Labour MPs are urging ministers and the London mayor to drop controversial plans to reduce affordable housing quotas in the capital in order to boost homebuilding.MPs have said they are concerned about the proposals being drawn up by the housing secretary, Steve Reed, and the mayor, Sadiq Khan, in response to a sudden drop in new development in the capital.Reed and Khan are considering allowing builders to qualify for fast-track planning approval while promising to build 20% affordable homes, rather than the current minimum of 35%. Labour MPs hope to use the next few weeks before the package is formally announced to persuade them not to do so.Florence Eshalomi, the Labour chair of the housing select committee, said: “Solving the housing crisis relies not just on how many new homes we build, but also on their affordability
Will affordable housing be the casualty as London tackles its building emergency?
Sadiq Khan has known for a while that he has a problem with housebuilding in London. But last week a consultancy published figures about the scale of the problem, which prompted full-scale alarm in City Hall and Whitehall.The analysis from Molior showed that new housebuilding in the capital had collapsed. Only 40,000 homes are under construction – two-thirds the normal rate – and in the first three months of the year builders started work on just 3,248 private sector units.“It is a perfect storm of economic conditions impacting housebuilding,” said one City Hall source
Dr Jill Tattersall obituary
My mother, Jill Tattersall, who has died aged 95, helped to change the face of healthcare by co-founding a clinic providing contraception for unmarried women and underage girls in the 1960s.She qualified as a doctor in Sheffield in 1956 and started out by training in obstetrics and gynaecology, quickly moving into the new field of family planning. During the 60s, birth control supplied by the NHS was only for married women and there was still a great deal of stigma attached to premarital sex and underage relationships.Seeing this gap in the service Jill, along with some other concerned professionals, bought a terrace house in 1966 and set up the 408 Young People’s Consultation Centre on Ecclesall Road in Sheffield. It was converted into a clinic to provide psychological and counselling services to young women, and also contraception, unavailable to unmarried women and underage girls within the mainstream health service until 1974
This gift to housebuilders from Labour is shameful | Letters
The leaked memo circulated in the housing ministry confirms our worst fears: this Labour government is abandoning its promises on affordable housing (A leaked memo, a Maga-style hat and a trail of broken pledges – it’s Labour’s great housing betrayal, 15 October). It’s a slap in the face for people who are crying out for homes they can afford to live in.The plan to shower large property developers with public subsidies is an astonishing misuse of taxpayer money. At a time when public services are on their knees, the government proposes to use scarce public funds to boost the profits of highly successful private companies. We already see this in Liverpool, where the Labour council allows private developers to avoid paying much needed section 106 money because they argue that their schemes become “unviable”
Rashid and Salt star as England thrash New Zealand in second men’s T20 – as it happened
Salt marvels at Brook after England thrash New Zealand in second men’s T20I
Sumo wrestling at the Royal Albert Hall – picture essay
With his top weapon sidelined, Sean McVay proves the ultimate chameleon
Ex-NFL star Doug Martin dies aged 36 after reported struggle with police
‘For sure, the chance is there’: Max Verstappen hopeful he can retain F1 title