1000 Engineers? Let us not forget the way the 'hackers' gained access to Solarwinds was through their update server, to which the password was Solarwinds123. If you ask me it sounds like they intentionally left this open for intrusion rather than a hack. Not a single qualified cyber expert professional would say that having that password to your update server is okay, or even close to industry standards.
Here is an article talking about the solarwinds123 password, https://www.techdirt.com/articles/20201215/13203045893/security-researcher-reveals-solarwinds-update-server-was-secured-with-password-solarwinds123.shtml
I'm saying from a tech security perspective, that having that as your update password borders between extreme negligence and intentional failure. I'm leaning towards intentional failure; no security expert would have let that fly.
Could this have been done by white hats?
You posit an excellent thought. I think a detailed examination of "the damage done" would reveal if this has been a White hat hack. See, the White hat Hackrz -- including "government entities" -- would break into the systems, push lots of cruft in there and then back out. The cruft inserted would reveal just how and how deeply they wished to fuck up the systems. I know that the bulletins issued gave doomsday reports, but how deep was that doomsday?
I hope this is part of "we have it all"
When I heard about this I thought of several people I know who work in government intelligence. They are way, way left-wing and I bet they panicked? They spout off all the time about right wingers and Trump and how stupid and evil we all are. They think they're the smartest people in the world???
I think that's the case with a lot of former libs. Welcome to the right side?
The main problem lies with the fucking idiots who work for those places compromised. They click on almost anything without thinking about the consequences of that action. It only takes one fuckwit idiot (FI) to do harm.
Two factor authentication has long been known to be vulnerable to the "Man in the Middle" (MITM) attack route. Cloned cellphones are used to complete the MITM attack and the FI bunch are clueless until someone from security calls them, as you will read in the report.
Because those systems are all inter-connected and the updates are "pushed" from a central server, the entire system of systems can become infected. FI's are the initial culprit. However, the other culprits are the hackers sponsored by governments such as Russia, China, North Korea and Israel. Yes, (((Israel))), our wonderful ally and friend to Amuuurica.
Until we actively take actions against those groups and their sponsors, the attacks will continue, the FI's will continue to be FI's and we will have these attacks.
Active measures would include pin-point guided missile attacks against their bases of operations; Special Operators going in and killing the hackers and their families (preferably with the bodies lined up with their heads off and lined up too); and finally a strategic decapitation of the government entities which sponsor those activities.
Protocols? For starters, as soon as an FI is discovered to have done an FI thing, he/she/zer/zim/they would be immediately terminated. I would prefer to have the FI shot or hanged in front of the entire office staff. That may be hyperbole, but I mean it.
Yep, the Francophones are pretty well obdurate about "their" language. They have never gotten over the fact that French is no longer the international language of diplomacy and supplanted by American English. Soon to be supplanted by Mandarin Chinese I suppose.
English is a very powerful language.
No, I said that because of experience, travel, and studying languages. For instance, English has the most words, rich in specific definitions to cover every situation, because it borrowed from many languages and was able to cover so much that now when there is no native word in a language they borrow from English (which is why it's such a shame to see discourse reduced to "cuck" or similar all-purpose words). It is easy to grasp even when mangled by accents, because accents are mostly vowels and English is recognized by consonant patterns. Thus it has become the lingua franca of trade, science, and culture, and if you want a good chance at a big audience, English is your best bet. I live in a very bilingual area and "private" language conversations are an illusion.
First would be a total lockdown of the capability to make ANY changes and/or updates. The lockdown would require a two-person authentication with each person being physically present at the one controlling machine enabled with access. Two-person authentication is what is used for nuclear weapons access and for cryptographic systems. Those two, and only those two, would each hold an RSA crypt-authorization dongle which would also require their fingerprint on the sensor (I have one for my Linux system, BTW).
For sure this would "slow down" things a bit and the big-head "administrators" would be freaking out because it removes their god-powers as IT Administrators. But, isn't slowing down a bit better than being hacked via the FI and MITM route?
What is obvious is that even the most basic security measures were (and likely still are) missing from the update server. I mean "Solarwinds123" as a password? "Come on man!!" Even teenaged hackerzz would penetrate that after they parse the IP address of the server, which is out there in the open for anyone to see and exploit. Using a pass-phrase of 1024 ASCII characters split into two separate streams via the RSA Token would be the way to start. Even NSA couldn't break that in less than the time it takes our Sun to go dark.
See, the real issue here is "time and money". The FI's are not only the lame-brain who enables the MITM attack but the feckless supervisors, administrators and their equal-opportunity affirmative-action high level bosses.
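One way to implement the two-person lockdown on update pushes described above, as an added example that is not part of any post in this thread: each authorizer's hardware token is stood in for by a per-person HMAC secret (an assumption for the demo; a real deployment keeps the key inside the dongle), and the release gate refuses an update unless two distinct registered people have approved the exact bytes that will be pushed.

```python
import hashlib
import hmac

# Constructed sample secrets standing in for the two hardware tokens.
# In a real deployment each secret lives inside a token, never in source.
AUTHORIZERS = {
    "alice": b"token-secret-alice-0001",
    "bob": b"token-secret-bob-0002",
}
REQUIRED_APPROVALS = 2  # the two-person rule


def manifest_digest(manifest: bytes) -> str:
    """SHA-256 over the exact update bytes that would be pushed."""
    return hashlib.sha256(manifest).hexdigest()


def approve(name: str, manifest: bytes) -> tuple[str, str]:
    """One person's approval: (name, HMAC tag over the manifest digest)."""
    key = AUTHORIZERS[name]
    tag = hmac.new(key, manifest_digest(manifest).encode(), "sha256").hexdigest()
    return name, tag


def release_allowed(manifest: bytes, approvals: list[tuple[str, str]]) -> bool:
    """Allow the push only if at least REQUIRED_APPROVALS distinct registered
    authorizers approved this exact manifest. Unknown names, forged tags,
    approvals over different bytes, and one person approving twice do not
    count toward the quorum."""
    expected = manifest_digest(manifest).encode()
    valid = set()
    for name, tag in approvals:
        key = AUTHORIZERS.get(name)
        if key is None:
            continue  # not a registered authorizer
        want = hmac.new(key, expected, "sha256").hexdigest()
        if hmac.compare_digest(want, tag):  # constant-time comparison
            valid.add(name)
    return len(valid) >= REQUIRED_APPROVALS


if __name__ == "__main__":
    update = b"update-package-v1.bin <constructed placeholder bytes>"
    a = approve("alice", update)
    b = approve("bob", update)
    print(release_allowed(update, [a, b]))         # two distinct people: allowed
    print(release_allowed(update, [a, a]))         # same person twice: refused
    print(release_allowed(update + b"x", [a, b]))  # bytes changed after approval: refused
```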