Page 1 of 1

SolarWinds Hack Compromises Gov and Corporate Servers

Posted: December 15 20, 6:40 pm
by Joe Shlabotnik
I'm surprised this hasn't got more legs. I guess we are all distracted by the election and the virus. And while we were, Russia compromised government and corporate servers and taking who-knows-what for months. Check out this quote from another article on this breach. Especially the bold. Talk about stupid, SolarWinds deserves all the blowback they may get.
On Monday, SolarWinds ( SWI ) confirmed that Orion - its flagship network management software - had served as the unwitting conduit for a sprawling international cyberespionage operation. The hackers inserted malicious code into Orion software updates pushed out to nearly 18,000 customers.

Cybersecurity experts are still struggling to understand the scope of the damage.

The malicious updates - sent between March and June, when America was hunkering down to weather the first wave of coronavirus infections - was "perfect timing for a perfect storm," said Kim Peretti, who co-chairs Atlanta-based law firm Alston & Bird's cybersecurity preparedness and response team.

"We may not know the true impact for many months, if not more – if not ever," she said.

The impact on SolarWinds ( SWI ) was more immediate. U.S. officials ordered anyone running Orion to immediately disconnect it. The company's stock has tumbled more than 23% from $23.50 on Friday - before Reuters broke the news of the breach - to $18.06 on Tuesday.

Security researcher Vinoth Kumar told Reuters that, last year, he alerted the company that anyone could access SolarWinds' ( SWI ) update server by using the password "solarwinds123"

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Posted: December 16 20, 1:20 am
by mikechamp
I posted about it approximately 2 hours before this thread... but in a different forum.

viewtopic.php?f=30&t=60121&p=1976382#p1976382

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Posted: December 16 20, 9:50 am
by heyzeus
Until a few years ago, Solar Winds was HQ'd in the same building I work in. Some of their employees didn't wear shoes in the office. It was weird and gross. Based on this kind of behavior, I'm not surprised they compromised the entire federal government.

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Posted: December 16 20, 11:32 am
by sighyoung
Image

THE HACKER WAS CHRIS CORREA, I TELL YOU!

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Posted: December 18 20, 2:28 am
by mikechamp
More on this incredibly pervasive breach:
US cybersecurity agency warns of 'grave' threat from hack

Federal authorities expressed increased alarm Thursday about an intrusion into U.S. and other computer systems around the globe that officials suspect was carried out by Russian hackers. The nation's cybersecurity agency warned of a “grave” risk to government and private networks.

The Cybersecurity and Infrastructure Security Agency said in its most detailed comments yet that the intrusion had compromised federal agencies as well as “critical infrastructure” in a sophisticated attack that was hard to detect and will be difficult to undo.

Another U.S. official, speaking Thursday on condition of anonymity to discuss a matter that is under investigation, said the hack was severe and extremely damaging although the administration was not yet ready to publicly blame anyone for it.

“This is looking like it’s the worst hacking case in the history of America,” the official said. “They got into everything.”

https://www.yahoo.com/news/us-cybersecu ... 29432.html

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Posted: December 18 20, 11:03 am
by Joe Shlabotnik
Bad guys having months of free rein on systems? There's no telling how deep they got.

Imagine hackers getting into the update servers for software development tool vendors. They could reengineer compililers and interpreters to always add machine code backdoors into literally EVERY piece of software produced!

Months is plenty of time to do it.

And, for all we know, the US or Israel has been successful in the same way.

One thing we can probably count on is one day we'll wake up to our computers and phones being turned into paper weights.

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Posted: December 19 20, 5:50 pm
by Radbird
Damn Chinese...

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Posted: December 21 20, 11:21 am
by GeddyWrox
Radbird wrote:
December 19 20, 5:50 pm
Damn Chinese...
It's disgusting that the fat orange sack of sh!t is still sucking Daddy Vladdy's c@ck in plain sight. UGH. He needs to hang for treason. Seriously.

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Posted: December 21 20, 5:44 pm
by IMADreamer
Why can't one of these hackers really do some damage like wipe out everyone's mortgage or credit card debt? It would help the people, but it would absolutely crush the US banking system which would cause an epic economic melt down.

It looks like it will be another month before the US govt has any chance of actually doing anything about this. I fully expect after Biden takes office for the hackers to crash the power grid or something massive like that so that the Republicans can blame Biden and more fighting can happen here. I know we can't go to war with Russia because of nukes and such but America has to find a way to destroy them. Whether it's massive sanctions, hacking, etc. Russia has to be punished out of existence. It needs to be a global effort but America will have to lead. Of course it won't happen because so many in our govt is compromised and now afraid of the Maga morons who vote for them.

and yes Trump needs to hang. His whole organization does.

It's some really bad times ahead for the country.

Re: SolarWinds Hack Compromises Gov and Corporate Servers

Posted: January 5 21, 4:47 pm
by Jocephus