Hacked Texas-based IT infrastructure provider SolarWinds was warned over weak password security last year, after security researcher Vinoth Kumar discovered that the company used "solarwinds123" to protect their update server.
"This could have been done by any attacker, easily," said Kumar, according to Reuters.
On Monday, SolarWinds confirmed that their flagship network management software, Orion, was the target of an international cyberespionage operation which the Washington Post pinned on government-backed Russian hackers - who inserted malicious code into Orion software updates and pushed it out to almost 18,000 customers.
The malicious updates - sent between March and June, when America was hunkering down to weather the first wave of coronavirus infections - was “perfect timing for a perfect storm,” said Kim Peretti, who co-chairs Atlanta-based law firm Alston & Bird’s cybersecurity preparedness and response team.
Assessing the damage would be difficult, she said.
“We may not know the true impact for many months, if not more – if not ever,” she said. -Reuters
Included in the breach were the US Treasury, the Commerce Department's National Telecommunications and Information Administration (NTIA) and other government agencies.
Meanwhile, Reuters also reports that "multiple criminals have offered to sell access to SolarWinds’ computers through underground forums, according to two researchers who separately had access to those forums."
Hacked Texas-based IT infrastructure provider SolarWinds was warned over weak password security last year, after security researcher Vinoth Kumar discovered that the company used "solarwinds123" to protect their update server.
"This could have been done by any attacker, easily," said Kumar, according to Reuters.
On Monday, SolarWinds confirmed that their flagship network management software, Orion, was the target of an international cyberespionage operation which the Washington Post pinned on government-backed Russian hackers - who inserted malicious code into Orion software updates and pushed it out to almost 18,000 customers.
The malicious updates - sent between March and June, when America was hunkering down to weather the first wave of coronavirus infections - was “perfect timing for a perfect storm,” said Kim Peretti, who co-chairs Atlanta-based law firm Alston & Bird’s cybersecurity preparedness and response team.
Assessing the damage would be difficult, she said.
“We may not know the true impact for many months, if not more – if not ever,” she said. -Reuters
Included in the breach were the US Treasury, the Commerce Department's National Telecommunications and Information Administration (NTIA) and other government agencies.
Meanwhile, Reuters also reports that "multiple criminals have offered to sell access to SolarWinds’ computers through underground forums, according to two researchers who separately had access to those forums."
Turns out, “PASSWORD” wasn’t such a great password 🤔 Oh well...it’s just our national security at stake...no big deal, right?
Now, take a look at which Government Departments and Corporations have been compromised for the longest time.
https://d.newsweek.com/en/full/1685636/solarwinds-partial-customer-list.webp?w=790&f=5e2ed60fac3aba39a22a3bccb3fbc751
And that’s an older list (2014-ish). The CCP has only stepped up their efforts since then.