I am a SolarWinds Certified Professional. I can confirm that this being hacked is of the utmost levels of scary.
This tool allows for a VERY wide range of abilities, from monitoring physical devices on a LAN and WAN, to monitoring and CAPTURING actual packets of data, to CONFIGURING and ALTERING servers and network devices that support the SNMP protocol (everything on planet earth, including voting machines probably).
This is no bueno. No bueno at all, and it will take months or maybe years to figure out what all damage has been done.
SolarWinds isn’t on the classified nets, and if it is, they’re air gapped anyways.
Doubt they got much they don’t already have.
The infowar / cyber war is real. It has been going on for years. It’s frightening how much nations know about each other that we the public will never see.
I agree that the Govt is likely not affected by this.
Most companies could have been though.
And the bigger network backbone providers across the globe could be attacked.
SolarWinds is an SNMP mgmt system typically. If it’s been hacked it’s either fuckery or blocking alarms from compromised systems.
Correct me if I'm wrong, but if someone has access to SolarWinds, wouldn't they be able to remotely access any machines using their RMM?
Potentially, if the SolarWinds account has access to their RADIUS or TACACS logins. Typically not, as it would have to be a common ID across all network elements with a common login from the server. Again, it’s just typically monitoring and reporting software with a northbound interface in the customers I deal with. If there is a back door, it would need to be set up on the appliance or VM. If SolarWinds is set up to provision, that is a different discussion. The work I’ve done with the 3 letter agencies didn’t show that at all and the FIPS requirements were tight. I don’t see it.
MSM is blaming Russia. Why do I have a hard time believing that one?
Because that’s what their CCP overlords told them to say
What’s fucked is if it actually was Russia we wouldn’t believe it because democrats ruin everything.
How long has the attack been going on for before it got noticed by someone? Consider everything compromised.
Hard to say. And it might not be possible to know, but that depends on a few factors. Enough information about it has not been released yet.
By the time anyone figures out what happened on 12/13/2020, 100x worse will have happened. These devices have back doors as a feature. It wasn’t a hack, it was an administrative takeover.