SolarWinds Hack Compromises Gov and Corporate Servers

Chat about non-baseball topics. No political discussions!
Post Reply
User avatar
Joe Shlabotnik
Hall Of Famer
Posts: 18370
Joined: October 12 06, 2:21 pm
Location: Baseball Ref Bullpen
Contact:

SolarWinds Hack Compromises Gov and Corporate Servers

Post by Joe Shlabotnik »

I'm surprised this hasn't got more legs. I guess we are all distracted by the election and the virus. And while we were, Russia compromised government and corporate servers and taking who-knows-what for months. Check out this quote from another article on this breach. Especially the bold. Talk about stupid, SolarWinds deserves all the blowback they may get.
On Monday, SolarWinds ( SWI ) confirmed that Orion - its flagship network management software - had served as the unwitting conduit for a sprawling international cyberespionage operation. The hackers inserted malicious code into Orion software updates pushed out to nearly 18,000 customers.

Cybersecurity experts are still struggling to understand the scope of the damage.

The malicious updates - sent between March and June, when America was hunkering down to weather the first wave of coronavirus infections - was "perfect timing for a perfect storm," said Kim Peretti, who co-chairs Atlanta-based law firm Alston & Bird's cybersecurity preparedness and response team.

"We may not know the true impact for many months, if not more – if not ever," she said.

The impact on SolarWinds ( SWI ) was more immediate. U.S. officials ordered anyone running Orion to immediately disconnect it. The company's stock has tumbled more than 23% from $23.50 on Friday - before Reuters broke the news of the breach - to $18.06 on Tuesday.

Security researcher Vinoth Kumar told Reuters that, last year, he alerted the company that anyone could access SolarWinds' ( SWI ) update server by using the password "solarwinds123"

User avatar
mikechamp
Perennial All-Star
Posts: 8389
Joined: April 17 06, 5:05 pm
Location: Southwestern Illinois

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Post by mikechamp »

I posted about it approximately 2 hours before this thread... but in a different forum.

viewtopic.php?f=30&t=60121&p=1976382#p1976382

User avatar
heyzeus
Everday Unicorn
Posts: 36473
Joined: April 21 06, 10:14 am
Location: Austin, TX
Contact:

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Post by heyzeus »

Until a few years ago, Solar Winds was HQ'd in the same building I work in. Some of their employees didn't wear shoes in the office. It was weird and gross. Based on this kind of behavior, I'm not surprised they compromised the entire federal government.

User avatar
sighyoung
Mayor of GRB
Posts: 34717
Joined: April 17 06, 7:42 pm
Location: Louisville

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Post by sighyoung »

Image

THE HACKER WAS CHRIS CORREA, I TELL YOU!

User avatar
mikechamp
Perennial All-Star
Posts: 8389
Joined: April 17 06, 5:05 pm
Location: Southwestern Illinois

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Post by mikechamp »

More on this incredibly pervasive breach:
US cybersecurity agency warns of 'grave' threat from hack

Federal authorities expressed increased alarm Thursday about an intrusion into U.S. and other computer systems around the globe that officials suspect was carried out by Russian hackers. The nation's cybersecurity agency warned of a “grave” risk to government and private networks.

The Cybersecurity and Infrastructure Security Agency said in its most detailed comments yet that the intrusion had compromised federal agencies as well as “critical infrastructure” in a sophisticated attack that was hard to detect and will be difficult to undo.

Another U.S. official, speaking Thursday on condition of anonymity to discuss a matter that is under investigation, said the hack was severe and extremely damaging although the administration was not yet ready to publicly blame anyone for it.

“This is looking like it’s the worst hacking case in the history of America,” the official said. “They got into everything.”

https://www.yahoo.com/news/us-cybersecu ... 29432.html

User avatar
Joe Shlabotnik
Hall Of Famer
Posts: 18370
Joined: October 12 06, 2:21 pm
Location: Baseball Ref Bullpen
Contact:

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Post by Joe Shlabotnik »

Bad guys having months of free rein on systems? There's no telling how deep they got.

Imagine hackers getting into the update servers for software development tool vendors. They could reengineer compililers and interpreters to always add machine code backdoors into literally EVERY piece of software produced!

Months is plenty of time to do it.

And, for all we know, the US or Israel has been successful in the same way.

One thing we can probably count on is one day we'll wake up to our computers and phones being turned into paper weights.

User avatar
Radbird
There's someone in my head but it's not me
Posts: 45696
Joined: April 18 06, 5:08 pm
Location: LF Bleachers @ Busch II

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Post by Radbird »

Damn Chinese...

User avatar
GeddyWrox
Perennial All-Star
Posts: 9669
Joined: April 20 06, 8:43 pm
Location: Please use blue font for the sarcasm impaired.

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Post by GeddyWrox »

Radbird wrote:
December 19 20, 5:50 pm
Damn Chinese...
It's disgusting that the fat orange sack of sh!t is still sucking Daddy Vladdy's c@ck in plain sight. UGH. He needs to hang for treason. Seriously.

User avatar
IMADreamer
Has an anecdote about a townie he overheard.
Posts: 11959
Joined: December 6 10, 1:09 am
Location: Illinois

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Post by IMADreamer »

Why can't one of these hackers really do some damage like wipe out everyone's mortgage or credit card debt? It would help the people, but it would absolutely crush the US banking system which would cause an epic economic melt down.

It looks like it will be another month before the US govt has any chance of actually doing anything about this. I fully expect after Biden takes office for the hackers to crash the power grid or something massive like that so that the Republicans can blame Biden and more fighting can happen here. I know we can't go to war with Russia because of nukes and such but America has to find a way to destroy them. Whether it's massive sanctions, hacking, etc. Russia has to be punished out of existence. It needs to be a global effort but America will have to lead. Of course it won't happen because so many in our govt is compromised and now afraid of the Maga morons who vote for them.

and yes Trump needs to hang. His whole organization does.

It's some really bad times ahead for the country.

User avatar
Jocephus
99% conan clips
Posts: 58537
Joined: April 18 06, 5:14 pm

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Post by Jocephus »


Post Reply