Blog

  • ‘I lost 25 pounds in 20 days’: what it’s like to be on the frontline of a global cyber-attack | Cybercrime

    ‘I lost 25 pounds in 20 days’: what it’s like to be on the frontline of a global cyber-attack | Cybercrime

    Tim Brown will remember 12 December 2020 for ever.

    It was the day the software company SolarWinds was notified it had been hacked by Russia.

    Brown, the chief information security officer at SolarWinds, immediately understood the implications: any of the company’s more than 300,000 global clients could be affected too.

    The exploit allowed the hackers remote access to the systems of customers that had installed SolarWinds’ network software Orion, including the US treasury department, the US department of commerce’s National Telecommunications and Information Administration, along with thousands of companies and public institutions.

    Brown says he was “running on adrenaline” in the first few days after the attack.

    It was during the early stages of the Covid pandemic when full-time work-from-home was the norm, but the company’s email was compromised and couldn’t be used to communicate with staff.

    “We gave up on the phones and just everybody came into the office and we got Covid testing,” Brown says. “I lost 25 pounds in about 20 days … just going, going, going.”

    He appeared on CNN and 60 Minutes, and in every major newspaper.

    “The world’s on fire. You’re trying to get information out and trying to have people understand what’s safe and what’s not safe.”

    The company switched to Proton email and Signal while its email was compromised, Brown says. He was taking calls from companies and government agencies across the globe, including the US army and the Covid vaccine program Operation Warp Speed.

    “You get the world wanting verbal communication not written communication. And that is a kind of an important lesson: you can write things down, but they want to talk to the [chief information security officer],” says Brown, who spoke at Melbourne’s CyberCon on Friday.

    “They want to be able to hear colour around the outside of it, so very important to be prepared for that kind of response.”

    How the cyber-attack unfolded

    The notification about the hack came in a phone call from Kevin Mandia, the founder of the cybersecurity firm Mandiant, to SolarWinds’ then CEO Kevin Thompson.

    Mandia told Thompson that SolarWinds had “shipped tainted code” to its Orion software, which helps organisations monitor outages on their computer networks and servers.

    The exploit in Orion was being used to attack government agencies, Mandia told Thompson.

    “We could see in that code [it] was not ours, so when we got that, it was ‘all right, this is real’,” Brown recalls.

    Brown says SolarWinds was not the key target of the hack but ‘a route to the target’. Photograph: Sean Davey/The Guardian

    The Texas-based SolarWinds determined that 18,000 people had downloaded the tainted product, which the hackers, later attributed to the Russian Foreign Intelligence Service, were able to insert into Orion in the build environment where source code is turned into software.

    The news broke on the Sunday. SolarWinds notified the stock market before it opened on Monday.

    The original estimate that up to 18,000 clients could be affected was later revised down to about 100 government agencies and companies that actually were.

    “It would have been nice to know that on day one, but that was the truth of the matter, right?” Brown says. “We weren’t really the target. We were just a route to the target.”

    SolarWinds called in CrowdStrike, KPMG and the law firm DLA Piper to deal with the response and investigation.

    Aftermath: the heart attack

    SolarWinds stopped work on new features for the next six months and its team of 400 engineers focused on systems and security to get the company back on its feet.

    “We really took transparency to heart – how can we make sure people realise [what] threat actor models [are out there], what they do, how they do reconnaissance, how they then do an attack [and] how they then leave.”

    Brown says the company’s customer renewal rate fell into the 80% range in the first few months after the incident, but has since returned to more than 98%.

    But then came the legal implications.

    The Biden administration imposed sanctions and expelled Russian diplomats in 2021, partly in response to the attack.

    SolarWinds settled a class action lawsuit over the attack in 2022 for US$26m. The Securities and Exchange Commission (SEC) then filed a lawsuit against SolarWinds and Brown personally in October 2023, accusing the company and Brown of misleading investors over its claims about cybersecurity protections, and failing to disclose known vulnerabilities.

    Brown has remained at SolarWinds since the cyber-attack. Photograph: Sean Davey/The Guardian

    Brown was in Zurich when he found out he was being charged.

    “When I walked up a hill, I would lose my breath. My arms would get heavy, my chest would get tight. I was just not getting enough oxygen,” he says. “I did a silly thing. I flew home … I couldn’t walk from the terminal to my car without stopping. That’s a walk I had done thousand of times.”

    He was having a heart attack. When he got home, his wife took him to the hospital, where he underwent surgery. He has since recovered.

    “Stress keeps building up and I thought I was managing it well and I didn’t proactively go to a doctor,” he says.

    Brown says he now advocates for companies going through similar incidents to employ psychiatrists to help staff process the stress.

    “The stress level was pumped up, and then it just went over the edge, but stress was building up all the time.”

    A confidential jointly proposed settlement with the SEC was announced in July, but has yet to be approved. The US government shutdown has delayed the finalisation of the agreement.

    Brown has remained with SolarWinds throughout the process.

    “It happened on my watch, that’s how I look at it. There are reasons why it occurred, nation state attack, et cetera, but still it happened on my watch,” he says.

    “I guess I’m stubborn. But it was just very important for us to get through this whole cycle, so leaving wasn’t an option until it was done.”

    Continue Reading

  • The moment I knew: she made the life I’d overcomplicated suddenly straightforward | Life and style

    The moment I knew: she made the life I’d overcomplicated suddenly straightforward | Life and style

    Although it’s now long deleted, my old X account served at least one useful purpose in life. My profile image had me looking up quizzically at a ragdoll kitten on my shoulder. That cat (once mistaken for a parrot by a bone-headed rightwing…

    Continue Reading

  • Ruel: ‘A fan gave me one of their teeth on a necklace – I was definitely a little freaked out’ | Music

    Ruel: ‘A fan gave me one of their teeth on a necklace – I was definitely a little freaked out’ | Music

    What are you secretly really good at?

    When I hold water in my mouth, I’ve got a perfect space in between each of my teeth. So when I point my neck to the sky and blow out water, it looks like a full fountain. It’s all perfect streams, and it…

    Continue Reading

  • Lance Stroll hit with five-place grid penalty for United States Grand Prix

    Lance Stroll hit with five-place grid penalty for United States Grand Prix

    Lance Stroll has been hit with a five-place grid penalty for the United States Grand Prix following a collision with the Haas of Esteban Ocon during Saturday’s Sprint.

    As the action-packed 100 kilometre dash entered into its final stages,

    Continue Reading

  • Shark TurboBlade Cool + Heat review: a powerful fan, but the heating underwhelms

    Shark TurboBlade Cool + Heat review: a powerful fan, but the heating underwhelms

    Why you can trust TechRadar


    We spend hours testing every product or service we review, so you can be sure you’re buying the best. Find out more about how we test.

    Shark TurboBlade Cool + Heat: two-minute review

    Product info

    This model may…

    Continue Reading

  • Reliance Industries Ltd (WBO:RLI) Q2 2026 Earnings Call Highlights: Strong Growth Across …

    Reliance Industries Ltd (WBO:RLI) Q2 2026 Earnings Call Highlights: Strong Growth Across …

    This article first appeared on GuruFocus.

    Release Date: October 17, 2025

    For the complete transcript of the earnings call, please refer to the full earnings call transcript.

    • Reliance Industries Ltd (WBO:RLI) reported strong performance across all business segments, with a notable 18% growth in EBITDA for Jio, driven by strong customer additions in both mobility and home segments.

    • The retail segment saw a robust year-on-year growth of 17% in EBITDA, with revenues increasing by 18%, supported by significant growth in fashion, lifestyle, grocery, and electronics categories.

    • The energy business reported a 21% increase in performance, driven by higher cracks across gasoline, gas oil, and ATF, along with increased domestic placements.

    • Reliance Industries Ltd (WBO:RLI) is making significant progress in its new energy initiatives, with plans to start renewable energy round-the-clock power plants in Kutch next year.

    • The company is expanding its digital services and AI capabilities, with Reliance Intelligence set to develop AI products and solutions, leveraging partnerships with global tech companies like Meta.

    • Despite strong overall performance, the upstream segment experienced a decline due to natural production falls in the KGD6 fields.

    • Finance costs increased by 14%, and depreciation rose by 12%, primarily due to 5G capitalization and spectrum interest.

    • The petrochemical segment faced challenges with weak demand for PVC and PET due to heavy rains and floods affecting agricultural and packaging sectors.

    • The media business, while showing growth, faces challenges in maintaining momentum post-IPL, with a need to convert cricket audiences to entertainment content.

    • The geopolitical situation and increased OSPs have impacted the refining margins, despite high cracks in the refining segment.

    Q: Are there any plans for a tariff hike in the near future? A: Unidentified_2: No immediate plans for a tariff hike. We are encouraging consumers to use more services, but there are no current plans to change tariffs.

    Q: Is the current monthly run rate for connecting new homes expected to increase? A: Unidentified_2: We expect to ramp up the rate of connecting new homes. The technology is working well, and many new connections are being done wirelessly, allowing for simpler and faster implementation.

    Q: How will Reliance Intelligence and Geo Platforms collaborate on AI initiatives? A: Unidentified_2: Reliance Intelligence will develop AI products and solutions, while Geo Platforms will bring these to market. Geo Platforms can also work with other partners like Meta, OpenAI, and Google.

    Q: What is the status of the battery cell assembly plant, and how is Reliance handling equipment sourcing given China’s export restrictions? A: Unidentified_8: The battery cell factories are progressing well, and we have secured all equipment for the first phase of cell manufacturing. Equipment sourcing is happening globally, and we are monitoring the impact of new regulations.

    Q: How is the Quick commerce model different from other models, and what advantages does it offer? A: Unidentified_3: The Quick commerce model has pivoted to focus on instant deliveries, offering the widest assortment, best pricing, and no hidden charges. The model leverages a vast store network and localized assortment knowledge, providing a significant advantage over competitors.

    For the complete transcript of the earnings call, please refer to the full earnings call transcript.

    Continue Reading

  • Microsoft’s big Windows AI bet | Mariners shake Seattle again

    Microsoft’s big Windows AI bet | Mariners shake Seattle again

    Unpacking Microsoft’s big Windows AI push: Veteran tech journalist

    Ed Bott

    joins the GeekWire Podcast to discuss Microsoft’s new Windows 11 AI features — including…

    Continue Reading

  • Novel HIV combo therapy of lenacapavir and 2 bNAbs found effective, well tolerated in Phase 2 trial

    Novel HIV combo therapy of lenacapavir and 2 bNAbs found effective, well tolerated in Phase 2 trial

    Combining lenacapavir (LEN, Gilead) and two broadly neutralizing antibodies (bNAbs) could be a good option for HIV treatment in certain patients, according to results of a phase 2 trial presented at EACS 2025, in Paris.

    The investigators (abstract…

    Continue Reading

  • Adjuvant Nivolumab Displays Long-Term Activity in Resected Melanoma

    Adjuvant Nivolumab Displays Long-Term Activity in Resected Melanoma

    Adjuvant nivolumab (Opdivo) generated a long-term efficacy benefit compared with ipilimumab (Yervoy) for the treatment of patients with resected stage IIIB to IIIC or IV melanoma, according to final data from the phase 3 CheckMate 238 trial…

    Continue Reading

  • Why Football Manager 26 has improved its graphics… with the help of VAR

    Why Football Manager 26 has improved its graphics… with the help of VAR

    Football Manager 26 launches next month, graphics greatly improved from the last release two years ago.

    But while most games will use motion capture to get the most realistic gameplay, the team behind Football Manager have gone leftfield when it…

    Continue Reading