The Former SolarWinds CEO Is Blaming the Firm’s Poor Cybersecurity on an Intern

Josephine Wolff write about the blame game in the SolarWinds data breach, via her Slate column.
Josephine Wolff headshot

In fairness, there are probably no really good answers to the question: How did your company leave your IT infrastructure so unprotected that it was used to deliver malware to several branches of the federal government as well as a series of high-profile private sector targets?

But maybe blaming an intern was not the best approach.

On Friday, former SolarWinds CEO Kevin Thompson testified about the massive espionage campaign that originated at his former company at a congressional hearing held jointly by the House Oversight and Homeland Security Committees. Members of Congress honed in on the fact that the company had used the password “solarwinds123” to log in to a file transfer server, though it was not clear at the hearing whether that password was used in the intrusion that subsequently infected many government departments and private companies with malware via a malicious SolarWinds update.*

Read More

Tags:

Op-eds