posted by Paratrooper82 +125 / -1

This article is only the tip of the ICEBERG....

“The attackers, whom CISA said began their operation no later than March, managed to remain undetected until last week when security firm FireEye reported that hackers backed by a nation-state had penetrated deep into its network. Early this week, FireEye said that the hackers were infecting targets using Orion, a widely used network management tool from SolarWinds. After taking control of the Orion update mechanism, the attackers were using it to install a backdoor that FireEye researchers are calling Sunburst.”

When you read this article (link posted below) you will understand just why I’m saying this and the writing is on the wall.

FIRST: Trump has already won! Almost 100% sure on this.

As you will read in the article, ORION/SolarWinds has been compromised. It’s been known for a couple days now. It’s far more serious than initially expected.

Why does this matter: Well pedes, SolarWinds powered the Dominion/tabulation machines. It has now been proven that we have been under attack for months.

This means that the entire election will have to be thrown out*

That means that neither candidate will have 270 electoral votes, which means that the HOUSE will vote. 1 vote per state. Do the math it’s over.

I’m actually sad right now while writing this, not because we’re not going to get the outcome we’ve so desired, but more so because this will change the world.

We will undoubtedly go to war over this. Many people will die. This won’t be like Iraq or Afghanistan. This will be a near peer actor. Most likely China although I’ve seen Russia mentioned as well.

I am OVERJOYED that Trump will stay in office. Unfortunately there will likely not be much time for celebration.

These actors are inside of our network. They can shut off our power grid, our water supply, our food supply.

This is some scary ass shit!

Please READ THE ARTICLE so that you can see I’m not overplaying this at all.

Start making preparations. I fear the next time we see POTUS it will be a prime time event and what we hear will not be good for our way of life.

I pray to God that I am wrong!

https://arstechnica.com/information-technology/2020/12/feds-warn-that-solarwinds-hackers-likely-used-other-ways-to-breach-networks/?fbclid=IwAR2mwb2A0Uw5jS9SdQu6n_y8gBCSXC3v6sYtOFFvLKxSsrnSlcBUDBL-Jd8

Comments (72)
dataonly 8 points +8 / -0

power grid

Hmm. Well, the power grid thing is just wrong. There is no single entity that is a power grid. There is no national grid. There are over 3,000 power companies in the US. Now some of those are small players, but there's a few hundred large power generators. Each operates its own grid. They have interconnect agreements and power sharing/buying/selling agreements between each other. Management of these grids is distributed, not centralized.

If someone knows the statement to be incorrect please advise.

Paratrooper82 [S] 7 points +7 / -0

You are incorrect.

Every single power company connects to the internet. That means that they are compromised. Did you read the article at all?

If they have been “persistent since March” that means that they have been able to pivot and are in the root directory.

I don’t even think there’s a way to remedy this beyond wiping every single router/switch and reimaging every single computer.

If you’re not IT (I know you are but many here aren’t) then I understand. Anyone who is in the IT field definitely understands the gravity of this situation.

This isn’t hyperbole, fellas. This is as REAL as it gets.

dataonly 6 points +6 / -0

UNPLUG.

Any network starts as a local area network. If that local network is not physically connected to a Wide Area Network, it is not vulnerable to outside attack. If there is connectivity to the outside world, or a public network such as the one we know as the Internet, it is as vulnerable as the routing/gateway/firewall devices that connect it. So yes, anything connected to a public network is subject to being defeated. What can't be defeated is the UNPLUG.

I still remember the gravity of the "Year 2000 Switch".

Paratrooper82 [S] 3 points +3 / -0

Yes but now imagine our entire infrastructure having to unplug.

While most likely at war....

dataonly 4 points +4 / -0

I'm not seeing where in your article link it says every power company is connected to the Internet.

That said, you have plant operation networks and the business side networks. As far as plant operation, I can't imagine a scenario where those networks go beyond the premises, i.e. physical presence would be necessary to operate. There would be an air gap between any power infrastructure regulating/operating devices and any public wide area network. Now there could be a private OC-3 level connection between generation facilities. But that would also be a private network that could only be infiltrated at the carrier level, which would require nefarious hardware installation for IP communication, correct?

Going back to this attack specifically, if it is as truly widespread as is claimed, there are very likely players on the inside.

SlugsRocks 3 points +3 / -0

Interesting info from Canada regarding the power grid. We know folks working at one of the major dams in BC, Canada. Several times the doors have been locked, preventing anyone getting in to the main bldg where the control room is located, and also none could get out. The folks we know had to contact Atlanta, Georgia to get new pass codes to enter.

The not for profit outfit is https://nerc.ukri.org/ who has contracts right across Canada with all the power generating provinces. 100% of production goes to US, then whatever is needed for local Canadian customers is returned. I did a quick dig but before I could make a post on this my PC was 'zapped' and is now dead. Using friends right now.

This would mean that power could be cut from this one point and affect huge parts of US and Canada.

Eljefe 3 points +3 / -0

If you read the actual CISA alert, you would understand that it's not a guaranteed compromise just because they ran SolarWinds. Just because they got persistence doesn't mean they got it EVERYWHERE. I'm not trying to undermine the significance of this, but you've got to keep it in perspective.

Paratrooper82 [S] 1 point +1 / -0

Tracking that. Since you have also read the report, what do you think about Windows being compromised and even secret keys being generated to bypass dual authentication on OWA and much much more?