Austin-based SolarWinds at center of massive US government hack

[Leroy N. Soetoro]

https://www.kxan.com/news/local/austin/austin-based-solarwinds-at-center-
of-massive-us-government-hack/

WASHINGTON (AP, KXAN) — Hackers broke into the networks of the Treasury
and Commerce departments as part of a global cyberespionage campaign. They
accessed those networks by slipping malware into a SolarWinds software
update, according to the global cybersecurity firm FireEye, which was also
compromised.

The first phases of this monthslong cyberespionage campaign started in the
spring. The malware gave the hackers remote access to victims’ networks.

The FBI and the Department of Homeland Security’s cybersecurity arm are
investigating what experts and former officials said appeared to be a
large-scale penetration of U.S. government agencies. Industry experts said
it bore the hallmarks of Russian tradecraft.

“This can turn into one of the most impactful espionage campaigns on
record,” said cybersecurity expert Dmitri Alperovitch.

The hacks were revealed less than a week after FireEye disclosed that
foreign government hackers had broken into its network and stolen the
company’s own hacking tools. Many experts suspect Russia is responsible.
FireEye’s customers include federal, state and local governments and top
global corporations.

How and why hackers targeted SolarWinds

The apparent conduit for the Treasury and Commerce Department hacks — and
the FireEye compromise — is a hugely popular piece of server software
called SolarWinds. It is used by hundreds of thousands of organizations
globally, including most Fortune 500 companies and multiple U.S. federal
agencies who will now be scrambling to patch up their networks, said
Alperovitch, the former chief technical officer of the cybersecurity firm
CrowdStrike.

SolarWinds is headquarted in Austin with offices off of Southwest Parkway
in Southwest Austin.

FireEye, without naming the breached agencies or other targets, said in a
blog post that its investigation into the hack of its own network had
identified “a global campaign” targeting governments and the private
sector that, beginning in the spring, slipped malware into a SolarWinds
software update.

The malware gave the hackers remote access to victims’ networks.

SolarWinds CEO reacts to the hack
SolarWinds said the “potential vulnerability” was related to updates
released between March and June for software that helps organizations
monitor their online networks for problems.

“We believe that this vulnerability is the result of a highly-
sophisticated, targeted and manual supply chain attack by a nation state,”
said SolarWinds CEO Kevin Thompson in a statement.

The compromise is critical because SolarWinds would give a hacker “God-
mode” access to the network, making everything visible, said Alperovitch.

SolarWinds asks all customers to upgrade immediately to Orion Platform
version 2020.2.1 HF 1 to address a security vulnerability. More
information is available at https://t.co/scsUhZJCk8

— SolarWinds (@solarwinds) December 14, 2020
FireEye said it had notified “multiple organizations” globally where it
saw indications of compromise. It said that the hacks did not seed self-
propagating malware — like the 2016 NotPetya malware blamed on Russia that
caused more than $10 billion in damage globally — and that any actual
infiltration of an infected organization required “meticulous planning and
manual interaction.”

The U.S. government did not publicly identify Russia as the culprit behind
the hacks, first reported by Reuters, and said little about who might be
responsible. Cybersecurity experts said last week that they considered
Russian state hackers to be the main suspect.

National Security Council spokesperson John Ullyot said in a statement
that the government was “taking all necessary steps to identify and remedy
any possible issues related to this situation.”

Who are the SolarWinds customers who might be affected?

On its website, SolarWinds says it has 300,000 customers worldwide,
including all five branches of the U.S. military, the Pentagon, the State
Department, NASA, the NSA, the Department of Justice and the White House.
It says the 10 leading U.S. telecommunications companies and top five U.S.
accounting firms are also among customers.

The government’s Cybersecurity and Infrastructure Security Agency said it
was working with other agencies to help “identify and mitigate any
potential compromises.”

President Donald Trump last month fired the director of CISA, Chris Krebs,
after Krebs vouched for the integrity of the presidential election and
disputed Trump’s claims of widespread electoral fraud.

In a tweet Sunday, Krebs said “hacks of this type take exceptional
tradecraft and time,” adding that he believed that its impact was only
beginning to be understood.

Also, hacks of this type take exceptional tradecraft and time. On the 1st,
if this is a supply chain attack using trusted relationships, really hard
to stop. On the 2nd, I suspect this has been underway for many months.
Need good detections to find victims and determine scope.

— Chris Krebs (@C_C_Krebs) December 13, 2020
Federal government agencies have long been attractive targets for foreign
hackers.

Hackers linked to Russia were able to break into the State Department’s
email system in 2014, infecting it so thoroughly that it had to be cut off
from the internet while experts worked to eliminate the infestation.

Reuters earlier reported that a group backed by a foreign government stole
information from Treasury and a Commerce Department agency responsible for
deciding internet and telecommunications policy.

The Treasury Department deferred comment to the National Security Council.
A Commerce Department spokesperson confirmed a “breach in one of our
bureaus” and said “we have asked CISA and the FBI to investigate.” The FBI
had no immediate comment.

“I suspect that there’s a number of other (federal) agencies we’re going
to hear from this week that have also been hit,” former NSA hacker Jake
Williams said.

___

Krisher reported from Detroit and Bajak reported from Boston. Associated
Press writer Matt O’Brien contributed to this report from Providence,
Rhode Island.



--
"LOCKDOWN", left-wing COVID fearmongering. 95% of COVID infections
recover with no after effects.

No collusion - Special Counsel Robert Swan Mueller III, March 2019.

Donald J. Trump, cheated out of a second term by fraudulent "mail-in"
ballots. Report voter fraud: sf.n...@mail.house.gov

Thank you for cleaning up the disaster of the 2008-2017 Obama / Biden
fiasco, President Trump.

Under Barack Obama's leadership, the United States of America became the
The World According To Garp. Obama sold out heterosexuals for Hollywood
queer liberal democrat donors.

President Trump boosted the economy, reduced illegal invasions, appointed
dozens of judges and three SCOTUS justices.

[BeamMeUpScotty]

Obviously the Feds can't guarantee to us that Foreign hacking into the
election happened... for one thing they might have foreign agents inside
the USA doing the hacking.

Foreign companies built and owned the election machines used inside the
United States.





--
TAKE THE RED PILL

https://www.oann.com/ https://americasvoice.news/
https://www.thegatewaypundit.com/ https://www.zerohedge.com/
https://www.infowars.com/ https://www.tatumreport.com/
https://thenationalpulse.com/ https://www.breitbart.com/
https://www.parler.com/ https://rumble.com/
https://banned.video/ https://www.mrctv.org/

[BeamMeUpScotty]

On 12/16/20 8:47 PM, Leroy N. Soetoro wrote:

Obviously the Feds can't guarantee to us that Foreign hacking into the

election didn't happened... for one thing they might have foreign agents
inside the USA doing the hacking, were they looking at local and in
precinct hackers.

Foreign companies built and owned/leased out some of the election
machines used inside the United States. That could be describe as
foreign hacking if the machines were hacked prior to the election in
person by the company that built the machine or people living here that
they trained to hack the machine locally through a wi-fi or local
network wired connection.

When they say they have no knowledge of any foreign hacking it means
they haven't looked for any that they didn't want to find.

[Big Bad Bob]

On 2020-12-17 08:21, BeamMeUpScotty wrote:
> Obviously the Feds can't guarantee to us that Foreign hacking into
the election happened... for one thing they might have foreign agents
inside the USA doing the hacking.

especially if hard-coded backdoor FTP passwords can be used to alter
them, and those passwords are exposed on github.

https://www.theregister.com/2020/12/16/solarwinds_github_password/

> Foreign companies built and owned the election machines used inside
the United States.

and deliberately made them CHEAT friendly:

https://noqreport.com/2020/12/06/ware-county-tested-dominion-tabulators-equal-number-of-votes-yielded-26-lead-for-joe-biden/

https://www.rushlimbaugh.com/daily/2020/12/07/what-to-make-of-the-ware-county-experiment/

--
(aka 'Bombastic Bob' in case you wondered)

'Feeling with my fingers, and thinking with my brain' - me

'your story is so touching, but it sounds just like a lie'
"Straighten up and fly right"

(snip some cross posts, I think my ISP filters if too many)

[Big Bad Bob]

On 2020-12-16 17:47, Leroy N. Soetoro wrote:
> https://www.kxan.com/news/local/austin/austin-based-solarwinds-at-center-
> of-massive-us-government-hack/
>

> The first phases of this monthslong cyberespionage campaign started
in the
> spring. The malware gave the hackers remote access to victims’ networks.

apparently because a hard-coded backdoor password was revealed on github...

https://www.theregister.com/2020/12/16/solarwinds_github_password/

> The FBI and the Department of Homeland Security’s cybersecurity arm are
> investigating what experts and former officials said appeared to be a
> large-scale penetration of U.S. government agencies. Industry experts
said
> it bore the hallmarks of Russian tradecraft.

Probably because CHINA wants them to believe it's RUSSIA wot dun it.

> “This can turn into one of the most impactful espionage campaigns on
> record,” said cybersecurity expert Dmitri Alperovitch.

all done during a "pandemic" (both unnecessary and *ILLEGAL*) TYRANNICAL
LOCKDOWN of HALF of AMERICA, designed to HARM DONALD TRUMP, and when
THAT did not work, THE ELECTION WAS DEFRAUDED to "guarantee an outcome",
which is how LIB-TARDS do things.

> SolarWinds said the “potential vulnerability” was related to updates
> released between March and June for software that helps organizations
> monitor their online networks for problems.

using a hard-coded password that was revealed on github. yeah.

> “We believe that this vulnerability is the result of a highly-
> sophisticated, targeted and manual supply chain attack by a nation
state,”
> said SolarWinds CEO Kevin Thompson in a statement.

and not just a TOTAL POOCH SCREW by INCOMPETENT PROGRAMMERS. Right.

> The compromise is critical because SolarWinds would give a hacker “God-
> mode” access to the network, making everything visible, said Alperovitch.

that's generally what a "back door" does. This is also why such "back
doors" built into ENCRYPTION METHODS are a *HUGE* *BAD* *IDEA* [even
though fucking POLITICIANS are ALWAYS WANTING THIS "for the children"]

> The U.S. government did not publicly identify Russia as the culprit
behind
> the hacks, first reported by Reuters, and said little about who might be
> responsible. Cybersecurity experts said last week that they considered
> Russian state hackers to be the main suspect.

Yeah, because EVIL COMMUNIST HACKERS from *CHINA* left the right bread
crumbs to make them think that, am I right or what?

A hammer sees everything as a NAIL. If you expect to find RUSSIAN
hackers, then THAT is what you will find. After all, CHINA gets "a
pass" for ANY of the SHIT they've pulled, from DELIBERATELY INFECTING
THE WORLD, to SCARING ENOUGH PEOPLE to JUSTIFY POLITICIANS ACTING LIKE
TYRANTS AGAINST THE U.S. CONSTITUTION and VIOLATING OUR RIGHTS ON A
DAILY FUCKING BASIS!!

(And if you MUST wear a mask, because SOME TYRANT "governor" WILL WHACK
YOUR PEE PEE IF YOU DO NOT, then wear a GUY FAWKES MASK, *IN* *PROTEST*,
and *SAY* *SO* *TO* *ANYONE* *WHO* *COMMENTS* - I know *I* do!!!)

[Alex Emerick Jones]

Big Bad Bob wrote

>
> https://noqreport.com/2020/12/06/ware-county-tested-dominion-tabulators-e
> qual-number-of-votes-yielded-26-lead-for-joe-biden/
>
> https://www.rushlimbaugh.com/daily/2020/12/07/what-to-make-of-the-ware-co
> unty-experiment/

I can't wait for Biden's death squads to clean up all those election fraud
loose ends. They say Limbaugh will be dead in 3 months and odds are good at
Trump ending up like Epstein.

[B1ackwater]

Why is Trump so weak a POTUS that he can't stop simple fraud in an election?



He's going to end up like Epstein.

[Big Bad Bob]

a) sock puppet troll detected - xdmod2 !!
b) not one of the groups I originally cross-posted to are included in
the 'reply to' - you are TROLLING (like before)
c) you didn't bother to read those web pages I linked to, did you?

GROW! A! FUCKING! BRAIN! *MORON*!!!

(and lib-tard DEMON-RAT SCUM, no doubt)

[Big Bad Bob]

On 2020-12-18 06:14, B1ackwater wrote:
> Why is Trump so weak a POTUS that he can't stop simple fraud in an election?
>
>
>
> He's going to end up like Epstein.
>

[Big Bad Bob]

On 2020-12-18 06:14, B1ackwater wrote:

CONFIRMED sock puppet troll - Alex Emerick and xdmod2 !!!

(Silly sock-puppet, your tricks are for CHILDREN)

[re-re-post, edited followup-to list and combined with original relevant
cross-posting, and then trimmed down so news server would accept it]

[B1ackwater]

[Alex Emerick Jones]

Big Bad Bob wrote

[Alex Emerick Jones]

[B1ackwater]

[B1ackwater]

[Alex Emerick Jones]

[B1ackwater]

[Alex Emerick Jones]

[B1ackwater]

[Alex Emerick Jones]