According to its website, SolarWinds customers include Microsoft, McDonald’s, Lockheed Martin, and Yahoo, as well as many government and military departments in the United States and abroad. I've always suspected the reason it still only runs on Windows is because they got caught pirating Microsoft software in their pre-VC days and had to agree to some terms. Companies all over the world will be affected. https://www.newsweek.com/solar-winds-probably-hacked-russia-serves-white-house-pentagon-nasa-1554447 You just described all applications that corporate IT ever made me use. These days Keith Alexander is CEO of the IronNet Cybersecurity company; but when he retired as a four-star Army general, Alexander ran the National Security Agency, where he used to direct intelligence operations against America's adversaries. Microsoft confirms breach in SolarWinds hack, but denies its clients were affected December 18, 2020 By Pierluigi Paganini Microsoft confirms that it was also breached in the SolarWinds supply chain hack, but excluded that the attack impacted its customers. You head to the food warehouse, scope out their schedule, and then have one of your agents hide out inside the delivery truck. SolarWinds is a 20-year-old tech company based in Austin, Texas, with revenues expected to exceed $1 billion this year. It's inflexible, the licensing is obnoxious, the interface tool requires an external application, it only runs on Windows for some stupid reason, it requires a gigantic database backend for very little function, and all of its strengths still don't match what I can get for free from open source projects. USA TODAY. Koppel said, "When you listen to some of the chest-beating that is going on in certain circles about taking retaliatory action against the Russians – just give me your thoughts on that. So, which is it?
"That means they are in the position, in the crisis, to walk right into lots of important American networks, both government and private sector, and then to wipe out the software on them, to shut the network down," Clarke said. They were likely just the first to notice or publicly report. When the delivery truck is inspected, since there are thousands of boxes (i.e., code) and it’s coming from a trusted partner, the truck is allowed through. "At this point we do not see any break-in to our classified systems. It's a pre-orchestration dinosaur design with graphs that make you wonder whether they understand how timelines and numbers work. "Having said that, there has been no insights yet as to them actually setting landmines as much as gathering information. And we are clearly, Ted, the most-networked society. My friend at SolarWinds says their software gives you access to everything. The threats arising from the massive SolarWinds hack. "Sunday Morning" senior correspondent Ted Koppel asked Clarke, "When you hear people talk about this as being purely an intelligence operation, you accept that?" Austin, Texas-based SolarWinds developed and supplied network management software that top U.S. government agencies and Fortune 500 companies used to monitor their own networks. But the experts remain seriously concerned. "Now, what the Russians have known is they've suddenly gotten into thousands of American sites and placed additional backdoors in once they got in. How are people still using SolarWinds on purpose? Here’s a new blog post from FireEye on the issue. My understanding is that the SolarWinds issue is also behind the US government hacks over the last few days. If this is true, can you imagine being the guy in charge of the attacker’s operations?
If the network was connected to an electric power grid, to a gas pipeline, to a water distribution system, to a nuclear centrifuge plant, you might be able to manipulate the data and cause havoc in those systems. At the center of the storm is SolarWinds, a $5B+ IT company that manages the network infrastructure for **checks notes** everyone: 425 of the US Fortune 500; All 10 of … HOW HACK WAS INSTALLED: SolarWinds: Why the Sunburst hack is so serious. The agent tries to steal weapons through a new tunnel it made that goes underground, past the defensive wall. In this case, the military base is FireEye (and most likely others now), the attacker compromised the food company (SolarWinds), used regular deliveries to install a back door of some kind (supply chain attack), and then performed the attack on FireEye. What you need to know about the FireEye hack: Cybersecurity attack against US government. Clarke said, "What has occurred is, again, preparation of the battlefield. "That's absolutely right," Sanger replied. Unfortunately for the agent, the military base has numerous sensors that noticed the digging, found the tunnel, and then found the agent. companies." "And here we are, with trust in government at probably a lower ebb than it's ever been," said Koppel. Malwarebytes’s email systems hacked by SolarWinds attackers January 19, 2021 By Pierluigi Paganini Cyber security firm Malwarebytes announced that threat actor behind the SolarWinds attack also breached its network last year. Koppel wondered what Alexander thought the Russians are doing: "Isn't it reasonable in a situation like this to assume the worst? "But we need to send a message. "They want insights to what's going on in our country." These restrictions are normal, it’s Stockholm syndrome. They would set up those backdoors so that they have a way of getting in and out.
Almost a cyber pandemic. Once the delivery is made inside the base, the agent waits for a little while to make sure it’s all clear, and then begins trying to do recon on the base. So a Trojan with an APT or did they actually infect the supply chain/code pipeline? The client now uses RabbitMQ. SolarWinds is a highly sophisticated “supply chain attack” in which foreign hackers accessed a U.S. software company and installed malware in … "Yes, I think there is," Sanger replied. Dan Goodin - … This works for a little while. These days, Clarke is chairman of Good Harbor, a cybersecurity consulting company. © 2021 CBS Interactive Inc. All Rights Reserved. There wasn't a willingness to spend the kind of resources. That they were planting, in effect, cyber landmines which can be activated at some future point? The threats arising from the massive SolarWinds hack. SolarWinds Hack So as of the writing of this we know the SolarWinds hack from a nation state so far is contained to Orion which is not generally used in the MSP space. said Koppel. "I assure you we are … "No, I don't," he replied. SolarWinds is still reeling from an extensive Russia-linked hack reported on Sunday, which affected a range of government agencies and private corporations. The massive SolarWinds hack may force widespread regulatory change: Earlier this week, news of a massive hacking operation — likely Russia-sponsored — rippled through the tech community. SolarWinds is a global solution. Some Amazon AWS API keys are potentially threatened by the SolarWinds supply chain hack. Koppel asked, "Is there a really visible line between cyber intelligence and cyber warfare?" With nothing much to see, media coverage faded. People were worried about privacy concerns and 'Big Brother' controls.
"I think the real objective is to gain information: what Treasury's thinking, what Commerce is thinking, what Homeland Security's thinking, what State Department does," Alexander said. This will be a lot more widespread than the hacking community could have fathomed a week ago. Put the politics aside and say, 'What's the right thing for this nation? They decided to target a cybersecurity firm out of all places, which resulted in losing access to not just their custom-developed exploits and supply chain source (SolarWinds), but numerous government agencies and companies all over the world. Efforts to … Holy shit, nice find. This really puts a damper on the “lol great work fire eye” armchair quarterbacks. After discovering the backdoor, FireEye contacted SolarWinds and law enforcement, Carmakal said. "If I went into your computer system, Ted, just to read your email, that's pure espionage. Orion Platform 2019.4 Hotfix 5 addresses the following issues and includes the following improvements: Issues with polling volume statistics on AIX were addressed; New EULA is now available for online and offline installers; The issue where the PubSub client on an Additional Poller subscribed for notification on Main Poller through WCF was resolved. https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html Cyber warfare is, to borrow the title of his book and the HBO documentary based on that book, "The Perfect Weapon." Eventually I had to tell them to stop calling me until they could run it on anything other than Windows and MSSQL. "We don't want to create a deeper cyber war in cyberspace," Alexander said.
"But if I didn't misunderstand what you said before, the Russians are really no more than a few keystrokes away from implementing exactly that kind of damage on, as you put it, thousands of American firms. When it was finally, belatedly discovered, the outrage (for a few days at least) was epic. They didn't trust the government to defend them against this sort of thing. But what people discovered over time, was that the same computer code that enabled you to break into somebody's system would also enable you to manipulate that system. And then if they had that, you don't necessarily have to set up the landmines at that time; you would probably keep your information on those networks down low so that it's not detectable, and just have the backdoor capability to get in, and then do something when the need arises. Affected versions are in the March - June 2020 timeframe. In fact, it is likely a global cyber attack. No, this wasn’t some simple phishing email that led to the FireEye attack. It can be done overtly or covertly. "This is nothing short of a virtual invasion by the Russians into critical accounts of our federal government," said Democratic Senator Dick Durbin. Like sysadmin integration stuff. December 18, 2020 by IWB. Democratic Rep. Jason Crow called the hack "breathtaking," and referred to it as "our modern-day 'Cyber Pearl Harbor.'" And that's much more than mere espionage." Republican Senator Mitt Romney called it "an extraordinary invasion of our cyberspace." Editor: Remington Korper. If you haven’t heard the news you can find some of the info here (https://www.reuters.com/article/us-usa-solarwinds-cyber-idUSKBN28N0Y7). Like its medical counterpart, a cyber virus spreads through bad hygiene. We do. Time will tell what other companies have been compromised.
Tl;dr - SolarWinds is working with both FireEye and the FBI in a potential compromise of their product and acknowledges a supply chain attack. In the documentary, cyber is described as a "most inexpensive, highly-destructive, highly-deniable weapon. SolarWinds Hackers Also Breached Malwarebytes Cybersecurity Firm  January 19, 2021  Ravie Lakshmanan Malwarebytes on Tuesday said it was breached by the same group who broke into SolarWinds to access some of its internal emails, making it the fourth major cybersecurity vendor to be targeted after FireEye, Microsoft, and CrowdStrike. SolarWinds compromise linked to FireEye hack. There's not been a lot of damage because of SolarWinds. https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html "You still haven't responded directly to my suggestion that it could also include cyber landmines which could be activated later on," Koppel said. So, I would say this: think of this as the recon phase. Our unclassified systems have been accessed," Mnuchin said, speaking to CNBC on Monday. Added trojanized DLL to allow NSAs to infiltrate all customer's networks. "Probably our enemies," he replied. At the end of the day, was it worth getting burned for red team tools that contained no zero-days? "So, here we are in this extraordinary position," Koppel said, "of being arguably the most-technologically-advanced country in the world; probably the best at cyber technology in the world and simultaneously, if not the most vulnerable, among the most vulnerable in the world." Microsoft Corp. said its systems were exposed to the malware used in the Russia-linked hack that targeted U.S. states and government agencies, adding that … "And it's really easy to throw a rock through one."
Threat from SolarWinds hack to S'pore far from over, warn experts Some 18,000 SolarWinds customers that downloaded software updates between March and June 2020 were reportedly infected. "Well, that's a good point," Alexander replied. "And you think that's gonna change?" 'We live in the glassiest of the glass houses,' "The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats", "The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age". "Neither government nor the private sector can defend our networks alone; they have to work together," said Clarke.