Chris Krebs, a previously high-ranking U.S. cybersecurity leader, and Alex Stamos, formerly the top security executive at Facebook, have jointly launched a new cybersecurity consulting business. Their firm has already secured its initial client: SolarWinds.

The pair has been engaged to provide consulting services to the software company headquartered in Texas, assisting in its recovery from a substantial security compromise believed to be perpetrated by hackers linked to Russia. This breach leveraged the company’s software to establish hidden access points within numerous organizations, impacting a minimum of ten U.S. federal agencies and multiple large corporations.

Confirmed affected entities include the Treasury Department, the State Department, and the Department of Energy, in an incident widely considered to be one of the most serious espionage operations targeting the U.S. government in recent history. Although the U.S. government has attributed responsibility to Russia, the full extent of the intrusions may not be determined for an extended period.

Krebs held a prominent position within the U.S. government’s cybersecurity infrastructure, most recently as the director of CISA, the cybersecurity advisory arm of the Department of Homeland Security, starting in 2018. He was dismissed by President Trump due to his work in disproving unsubstantiated claims regarding the election—assertions frequently originating from the president. Stamos, after leaving Facebook and Yahoo where he also held key cybersecurity roles, became affiliated with the Stanford Internet Observatory. He also provided security guidance to Zoom during a period of security concerns.

Krebs stated in an interview with the Financial Times, which first reported this development, that it could take several years to fully remove the attackers from compromised networks.

Sudhakar Ramakrishna, SolarWinds’ current chief executive, stated in a company blog post that the consultants were brought on board to facilitate greater openness with customers, government collaborators, and the public regarding ongoing and future security improvements.