Russians hack many US government systems

SolarWinds has an office nearby and this is probably really bad news for them to get more contracts with feds.

This is a major, major story. For why, these simple graphics will explain:

The above are images from their website, a page which apparently has been taken down:

https://www.solarwinds.com/company/customers

This hack has been ongoing since MARCH.

I did not know about them until I drove past their building. I assumed they were solar energy until I looked them up.

They do network monitoring: what servers are up, is the network slow, etc… so their software is pretty much ideally positioned to see a lot about a network.

I’d guess they’re done in the public sector; no city/state/county or any other agency with critical infrastructure is going to buy this after today.

Why would non-government people want to use them as well? There are freeware software packages that can do network monitoring on Linux. And I assume other commercial packages.

For most people, SolarWinds is a freeware software package. Paid stuff slots into their free platform, but there is also a lot of free stuff, and stuff that is free with restrictions.

There are other freeware network monitoring platforms, but … they don’t compete with SolarWinds. As a guide, have you ever tried using Metasploit? You need training to use the Metasploit platform. Or at least a couple of free weeks. (I use that only as an example.)

Freeware Hobbit on Linux does some of that monitoring. They changed the name after the Hobbit movie came out, but I forget the new name.

Only 18,000 places impacted!! Nothing to see.

‘Only’ is doing some heavy lifting there, tbh.

This is one of those occurrences that is so huge, it’s hard to get one’s arms around its vast nature. (I’m struggling to see it in MPSIMS.) Simultaneously, it is the most predictable thing in the world, given Russia’s assistance to Trump and vice versa over the past 5-6 years.

Russia did extremely well out of their subversion of our 2016 election and for very little cost. As a nation, we will be paying for Trump’s and his enablers’ traitorous choices for decades.

Probably a lot more Russian hacks we don’t know about yet. Or may never know about.

I’m surprised there are only 11 replies so far, as I am with the limited amount of press coverage on this topic. Given the nature of the software and customers potentially affected (large national banks, utilities, telecom), I fear this may be even worse news than Covid. I REALLY hope I’m wrong, and I am anxiously awaiting the analysis of what was compromised. As a 20-year SDMB lurker, I was hoping for a more active discussion on this topic. I saw Microsoft has taken control of one of the domains and is in the process of assessing at least which organizations or individual accounts are compromised. I guess it’s just wait and see.

My company uses SolarWinds products, but not within my division, so I don’t have any special insight. It has not been mentioned in any internal communications that I’ve seen, but my most local IT folks were aware of the problem before I was.

Political outrage burnout is partially to blame. It has been four straight years of “waiting for the next shoe to drop”, and with Biden’s Presidency in sight all we want is blessed boredom.

I would think it’s big news for IT folks and also for DOD, CIA, NSA, etc. folks.

I’ve always assumed that this is business as usual for most governments. I assume that the US also has similar hacks into the computer infrastructure of other countries. I’m not happy the Russians did this, but I wouldn’t be at all surprised to find out the US government is guilty of essentially the same behavior.

The password was solarwinds123 by default.

Also, nobody really knows what damage has been done, so it’s hard for the average citizen to get outraged. Or worried.

Now, if somebody official announces something specific, say, that the Social Security system was hacked and you won’t be getting your money next week—that would get a lot of headlines.

A lot of gov systems are still running on ancient IBM mainframes running COBOL. I don’t know if that makes them easier or harder to crack. Also, plenty of big corporations are still running ancient COBOL systems too. Fidelity is one example and I’m sure there are many more. Some places dumped old stuff for Y2K but many just patched it.

A password was solarwinds123 in a code dump. This is being pointed to, not necessarily as the direct cause of the problem, but as indicative of a level of security which led to the problem.