Solarwinds isn’t on the classified nets and if it is they’re air gapped anyways.
Doubt they got much they don’t already have.
The Infowar / cyber war is real it has been going on for years it’s frightening how much nations know about each other that we the public will never see.
Potentially if solarwinds account has access to their radius or TACACs log ins. Typically not as it’s would have to be a common id across all network elements with a common login in from the server. Again it’s just typically monitoring and reporting software with a northbound interface in the customers I deal with. If there is a back door, it would need to be set up on the Appliance or vm. If solarwinds is set up to provision, that is a different discussion. The work I’ve done with the 3 letter agencies didn’t show that at all and the fips requirements were tight. I do t see it
Solarwinds isn’t on the classified nets and if it is they’re air gapped anyways.
Doubt they got much they don’t already have.
The Infowar / cyber war is real it has been going on for years it’s frightening how much nations know about each other that we the public will never see.
I agree that the Govt is likely not affected by this.
Most companies could have been though.
And the bigger network backbone providers across the globe, could be attacked.
Solarwinds is a snmp mgmt system typically. If it’s been hacked it’s either fuckery or blocking alarms from compromised systems.
Correct me if I'm wrong, but if someone has access to SolarWinds, wouldn't they be able to remotely access any machines using their RMM?
Potentially if solarwinds account has access to their radius or TACACs log ins. Typically not as it’s would have to be a common id across all network elements with a common login in from the server. Again it’s just typically monitoring and reporting software with a northbound interface in the customers I deal with. If there is a back door, it would need to be set up on the Appliance or vm. If solarwinds is set up to provision, that is a different discussion. The work I’ve done with the 3 letter agencies didn’t show that at all and the fips requirements were tight. I do t see it