Re: SolarWinds Hack Gets Even Worse

[B1ackwater]

On Mon, 21 Dec 2020 15:26:37 -0000 (UTC), John McCue
<jmc...@obsd2.mhome.org> wrote:

>-- groups trimmed to just comp.os.linux.misc
>
>In comp.os.linux.misc B1ackwater <b...@magikbeanz.net> wrote:
>> NOW - Microsoft says there was a SECOND "backdoor"
>> in SolarWinds, likely installed by an entirely different entity
>> than the one first found. This one apparently, apparently,
>> may have had less security access - but still ........
>
>No kidding, I gained maybe 10 pounds with all the popcorn I
>have eaten over this :) Such a large faux pas I expect
>SolarWinds to go bankrupt.


Weirdly, it's stock price went UP a bit yesterday.
Have NO idea why. Maybe Russia/China are
buying through proxies to prop it up ? It would
be in their interests ... probably have insiders
there already who can poison any successor
utilities.


>This link has a collection of articles and I have yet to get
>to them.
>
>https://www.wired.com/story/russia-solarwinds-hack-roundup/
>
>From all I have been reading, seems the major impact was to
>Microsoft Systems, and maybe Azure/AWS/Google/Godaddy and
>possibility Oracle Virtual Box (Jury still out on this).

We expect MS products to be wide open to hacks
(though for some reason the US Govt and tons of
big companies are absolutely, now perhaps fatally,
clueless).

My version of VirtualBox is seriously out of date, so I think
I'm in the clear. Waiting to see if KVM was compromised ...

In any case, the hackers gained BROAD access to many
of our basic infrastructure companies/products. They had
this access for a LONG time - now suggested to be over
a YEAR.

Trump, whether you like him or not, is an aggressive
president and will counterpunch. Biden however ....
all the evil actors need do is wait until Biden is sworn
in and then leverage all they've learned to launch a
HUGE cyberattack. Biden, being a marshmallow, will
be unlikely to respond in any serious fashion.

So ... I suggest getting a large amount of cash before
Jan 21st .....

><snip>
>
>> The old geeks should charge triple when they're suddenly
>> called back to keep a closer eye on things and narrow down
>> the scope of possible damage ....... :-)
>
>Yes, will be interesting on what the fallout will be, but I
>fear the US Gov will pass yet another ridiculously large
>bill in line with the Patriot Act causing even more harm.

Govt, and not just the US govt, often reminds me of
Dilberts pointy-haired boss. If it's even remotely
complicated, expect them to BLOW IT in the worst
possible ways.

Oh well ... back to DOS and bulletin-board systems ?
No more online commerce or banking ? Sounds extreme,
but, when you take the devolution of such things into
account MAYbe it's the more safe/sensible thing ???
Paper instruments are harder to hack from Romania.
The modern internet makes lots of stuff EASY - and
that means EASY for every bad actor in the world too.

The aggressors always have the advantage, everybody
else has to guess what they'll be up to next - and by the
time they know it's too late. These are the hard cold facts
of reality. Sticking our fingers in our ears and singing
LaLaLa does not change a thing. The net-o-verse as
we know it simply CANNOT be secured. The more we
depend on it, the more damage the bad guys can do.

[The Natural Philosopher]

On 23/12/2020 01:13, Winston_Smith wrote:
> Could it just be they were lining up voter data to create believable
> fake ballots?
If it was no one will ever prove it


--
"The great thing about Glasgow is that if there's a nuclear attack it'll
look exactly the same afterwards."

Billy Connolly

[B1ackwater]

On Wed, 23 Dec 2020 16:58:11 +0000, The Natural Philosopher
<t...@invalid.invalid> wrote:

>On 23/12/2020 01:13, Winston_Smith wrote:
>> Could it just be they were lining up voter data to create believable
>> fake ballots?

>If it was no one will ever prove it

Not necessarily .... indeed the more vast the conspiracy
the quicker it comes apart - loose lips. The political question
is "HOW quickly ?".

The constitution seems to have no clear path to follow
if a POTUS/high-official is found to have won unfairly
a few years later, what the hell do you do ? Drive out
the offender, breaking everything they've done and were
involved in no matter what the broader effect ? Not an
easy question. Law/justice/national-interests must all
enter into the equation.

MEANWHILE, the list of compromised agencies, entities
and key commercial interests continues to expand. We
are now at very serious risk from cyberwar. "They" know
too much now. The only, and highly inconvenient, solution
is to abruptly start doing things very differently.

[B1ackwater]

On Wed, 23 Dec 2020 10:35:26 +0300, "Andrei Z."
<no-e...@invalid.invalid> wrote:

>John McCue wrote:
>> -- groups trimmed to just comp.os.linux.misc
>>
>> In comp.os.linux.misc B1ackwater <b...@magikbeanz.net> wrote:
>>> NOW - Microsoft says there was a SECOND "backdoor"
>>> in SolarWinds, likely installed by an entirely different entity
>>> than the one first found. This one apparently, apparently,
>>> may have had less security access - but still ........
>>
>> No kidding, I gained maybe 10 pounds with all the popcorn I
>> have eaten over this :) Such a large faux pas I expect
>> SolarWinds to go bankrupt.
>>

>> This link has a collection of articles and I have yet to get
>> to them.
>>
>> https://www.wired.com/story/russia-solarwinds-hack-roundup/
>>
>> From all I have been reading, seems the major impact was to
>> Microsoft Systems, and maybe Azure/AWS/Google/Godaddy and
>> possibility Oracle Virtual Box (Jury still out on this).
>>

>> <snip>
>>
>>> The old geeks should charge triple when they're suddenly
>>> called back to keep a closer eye on things and narrow down
>>> the scope of possible damage ....... :-)
>>
>> Yes, will be interesting on what the fallout will be, but I
>> fear the US Gov will pass yet another ridiculously large
>> bill in line with the Patriot Act causing even more harm.
>>

>> John
>>
>SolarWinds Adviser Warned of Lax Security Years Before Hack - Bloomberg
>https://www.bloomberg.com/news/articles/2020-12-21/solarwinds-adviser-warned-of-lax-security-years-before-hack
>
>What is cloud security? - Kaspersky
>https://www.kaspersky.com/resource-center/threats/what-is-cloud-security


There IS NO "cloud security". Claims, plenty - Truth, NONE.

This is reality.

Any "security" you will have to hack together yourself somehow,
major in-house encryption of anything that goes on The Cloud.
I've been doing that for years now - but it does not protect against
the whole Cloud from being taken down. Thus, lots and lots of
layered local backups. Pain in the ass, yes. VITAL, absolutely !

The Cloud promise of "easy" is a LIE. The only "easy" part is in
how easily bad actors can trash every byte of your expensive
hard-won data and every bank account attached.

Us OLD GUYZ understood this clearly from the beginning. Alas
our successors and their pointy-haired bosses happily bought
in to the lies and buzz. Imagined it would make everything so
much easier for them ....

The result will be terabucks of damage, losses and infrastructure
implosions. In short, as they say, All Fall Down Go Boom. A push
of a button in Bejing is all that's needed. That's no exaggeration.
SolarWinds/MS made that 100% possible. The flow of global
politics makes it 100% likely.

Any good at shoeing mules ? Raising turnips ? Maybe something
less dignified to survive until tomorrow ?

This is where "easy" has taken us.

[Kenny McCormack]

In article <c7e8ufli9e4idleun...@4ax.com>,
B1ackwater <b...@magikbeanz.net> wrote:
...

> implosions. In short, as they say, All Fall Down Go Boom. A push
> of a button in Bejing is all that's needed. That's no exaggeration.

------------------^^^^^^

You misspelled "Moscow".

Typical Right-wind, Trumpist nonsense, trying to blame this on China.

--
If you don't have faith, it's because you are reading the Bible with an
honest, truthful, real-answer seeking heart.

- Rick C Hodgin -

[The Doctor]

In article <c7e8ufli9e4idleun...@4ax.com>,
B1ackwater <b...@magikbeanz.net> wrote:

Depends if you can lock down you Cloud Server.
--
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b
Merry Christmas 2020 and Happy New Year 2021 !

[The Doctor]

In article <rs1ip0$i0ob$1...@news.xmission.com>,

Beiging, Moscow, Tehran - all lead rogue states.

Throw in Pyongyang for good measure.

[B1ackwater]

But that's just any LOCAL "cloud" ... I will insultingly call
that a glorified NAS.

The thing is that the common biz model these days, as
the Old Guyz retire, is to "let somebody else keep track
of it all". They hire people to put ALL their stuff on VMs,
all their data on virtual NAS's, and assume Joe's Friendly
IT Provider" will magically keep it all working and secure
in the most hostile environment - even a cyberwar
environment.

Joe can't. The ISPs can't. Comcast and ATT can't.
SolarWinds and like issues prove Our Enemies have
installed the Big Red Button any and everywhere they
pleased. The Criminals will take advantage until the
big boyz are ready to push that button. 50+ years of
personal/financial/research/defense data GONE in
and instant. The old magtapes in the closet ... they've
been thrown out. Civic/industrial infrastructure GONE.
What the US did to the Iranians nuke plants is just a
hint of what can be done.

Yea, yea ... kinda paranoid. However we DO see an
aggressively resurgent Russia and an imperial-minded
Bejing - and the usual criminals/terrorists/anarchists
ARE still out there. We've set ourselves up for catastrophic
failure, all in the name of "easy".

Yea, it's "easy" allright .......

I've heard the best investments are lots of bags of dried
beans, liquor, TP and tampons ........

After that ... a mule and a plow will be the most valuable
things in the world.

[B1ackwater]

On Tue, 22 Dec 2020 18:13:18 -0700, Winston_Smith
<inv...@butterfly.net> wrote:

>On Mon, 21 Dec 2020 23:56:38 -0500, B1ackwater wrote:
>
>> Weirdly, it's stock price went UP a bit yesterday.
>> Have NO idea why. Maybe Russia/China are
>> buying through proxies to prop it up ? It would
>> be in their interests ... probably have insiders
>> there already who can poison any successor
>> utilities.
>

>When they realized how vulnerable they were, the executives dumped
>stock. Notice as the article dates get later, we find out about an
>ever increasing amount of insider trading, executives dumping their
>own company. $4 million dumped in mid-November, then $15 million
>increasing to $46 million three weeks into the disaster, and then $280
>million.
>
>Now that they are wiggling off the hook people are buying it back.
>Given that so many major web sites depend on it, they may be "too big
>to fail".
>
>Solarwinds Corp (SWI) President & CEO Kevin B Thompson ...
>https://finance.yahoo.com/news/solarwinds-corp-swi-president-ceo-181502379.html..
>Nov 21, 2020 · Solarwinds Corp (SWI) President & CEO Kevin B Thompson
>Sold $3.6 million of Shares President & CEO of Solarwinds Corp
>(30-Year Financial, Insider Trades) Kevin B Thompson (insider trades)
>sold...
>
>SolarWinds hack: Outgoing CEO sold huge amount of stock in Nov
>https://insiderpaper.com/solarwinds-hack-outgoing-ceo-sold-huge-amount-of-stock-in-nov/
>Dec 14, 2020 · It is widely known that the SolarWinds CEO, CFO and
>directors sold stock in November 2020 that amounted to $15,000,000.
>This peculiar turn of events has left many users asking, why did the
>top-level officials sold this huge amount of stock? The entire
>situation seems complicated and messy. SolarWinds CEO sold a huge
>amount of stock
>
>SolarWinds Director Sold $45.7 MILLION in Stock Options ...
>https://thespectator.info/2020/12/14/solarwinds-director-sold-45-7-million-in-stock-options-last-week-before-cisa-announcement-sunday/
>Dec 14, 2020 · SolarWinds Director Sold $45.7 MILLION in Stock Options
>Last Week Before CISA Announcement Sunday December 14, 2020.
>COMMENTARY. 3 mins read.
>
>$286M Of SolarWinds Stock Sold Before CEO, Hack Disclosures
>https://www.crn.com/news/security/-286m-of-solarwinds-stock-sold-before-ceo-hack-disclosures
>Dec 16, 2020 · SolarWinds majority owners Silver Lake and Thoma Bravo
>sold $286 million of stock just before the company announced a new CEO
>and disclosed a cyberattack.
>
>Two SolarWinds investors sold $280million in stock days ...
>https://www.dailymail.co.uk/news/article-9060931/Two-SolarWinds-investors-sold-280million-stock-days-Russian-cyber-attack-revealed.html
>Dec 16, 2020 · Three executives from each firm sit on the board of
>SolarWinds and they have been the largest investors in the company
>since it went public in 2018. In November, outgoing SolarWinds CEO
>
>'==========
>Remember, SolarWinds is mixed up in the Dominion story.
>
>Now that they are getting away with the election steal - in fact
>probably will be protected by the Biden swamp - it's safe to buy it
>back. Too many election officials in too many states have staked their
>reputation, and elected office, on there being "nothing to see here".
>
>https://www.independentsentinel.com/dominion-uses-solarwinds-the-software-currently-under-attack-by-hackers/
>Dominion uses SolarWinds software, according to their webpage
>"Dec 14, 2020 · Dominion uses an Internet technology firm that was
>hacked and crashed Google, YouTube, et al. Dominion uses SolarWinds
>software, according to their webpage as first reported by …"
>
>Could the SolarWinds Orion raid yield smoking gun evidence ...
>https://noqreport.com/2020/12/14/could-the-solarwinds-orion-raid-yield-smoking-gun-evidence-about-dominion-voting-systems-voter-fraud/
>Dec 15, 2020 · If anyone has the data that’s needed to prove massive
>voter fraud through machine hacking and/or vote count manipulation,
>it’s SolarWinds. It doesn’t matter how much covering up as done by
>Dominion if their security company’s servers have the data as well.
>And now that data is likely in the hands of law enforcement.
>
>BREAKING: FBI, Texas Rangers and US Marshals Raid ...
>https://newsla.localad.com/2020/12/14/breaking-fbi-texas-rangers-and-us-marshals-raid-solarwinds-hq-in-austin-more-news-coming-on-ceo-and-executive-vice-president/
>Dec 14, 2020 · Dominion Voting Systems uses SolarWinds products. It’s
>right there on their website. This afternoon a guest on Hannity told
>the popular conservative host the FBI, US Marshals and Texas Rangers
>were raiding SolarWinds headquarters in Austin Texas!
>
>'==========
>A month or so before the election there were stories about local
>election boards rolls being hacked. At the time most people assumed
>they were looking for personal data to use for good old identity
>fraud.

>
>Could it just be they were lining up voter data to create believable
>fake ballots?
>

>Could it just be the whole point of hacking SolarWinds in the first
>place was to steal an election?


Ummmmm ......... don't THINK so. The hacks seemed to
have more to do with infiltrating govt/infrastructure for
financial and/or cyberwar purposes.

Getting down to the wildly-divergent local elections level
would be too damned complicated. Any fraud there was
done by more local entities coordinated only by some
general sense of The Communist Cause.

PROOF however .... it may take years. The vaster the
conspiracy the sooner it crumbles. Loose lips .....

[anon]

There was no hack. The 'hack' is a cover story.

When the federal insiders sell off a major data dump, they cover it up
with a fake hack story, so if any questions are asked, "The Russians did
it."