Hackers Used SolarWinds’ Dominance Against It In Sprawling Spy Campaign

12/16/2020

Via Reuters:

On an earnings call two months ago, SolarWinds Chief Executive Kevin Thompson touted how far the company had gone during his 11 years at the helm.

There was not a database or an IT deployment model out there to which his Austin, Texas-based company did not provide some level of monitoring or management, he told analysts on the Oct. 27 call.

“We don’t think anyone else in the market is really even close in terms of the breadth of coverage we have,” he said. “We manage everyone’s network gear.”

Now that dominance has become a liability – an example of how the workhorse software that helps glue organizations together can turn toxic when it is subverted by sophisticated hackers.

On Monday, SolarWinds confirmed that Orion – its flagship network management software – had served as the unwitting conduit for a sprawling international cyberespionage operation. The hackers inserted malicious code into Orion software updates pushed out to nearly 18,000 customers.

And while the number of affected organizations is thought to be much more modest, the hackers have already parlayed their access into consequential breaches at the U.S. Treasury and Department of Commerce.

Three people familiar with the investigation have told Reuters that Russia is a top suspect, although others familiar with the inquiry have said it is still too early to tell.

A SolarWinds representative, Ryan Toohey, said he would not be making executives available for comment. He did not provide on-the-record answers to questions sent via email.

In a statement issued Sunday, the company said “we strive to implement and maintain appropriate administrative, physical, and technical safeguards, security processes, procedures, and standards designed to protect our customers.”

Cybersecurity experts are still struggling to understand the scope of the damage.

The malicious updates – sent between March and June, when America was hunkering down to weather the first wave of coronavirus infections – were “perfect timing for a perfect storm,” said Kim Peretti, who co-chairs Atlanta-based law firm Alston & Bird’s cybersecurity preparedness and response team.

Assessing the damage would be difficult, she said.

“We may not know the true impact for many months, if not more – if not ever,” she said.

The impact on SolarWinds was more immediate. U.S. officials ordered anyone running Orion to immediately disconnect it. The company’s stock has tumbled more than 23% from $23.50 on Friday – before Reuters broke the news of the breach – to $18.06 on Tuesday.

SolarWinds’ security, meanwhile, has come under new scrutiny.

In one previously unreported issue, multiple criminals have offered to sell access to SolarWinds’ computers through underground forums, according to two researchers who separately had access to those forums.

One of those offering claimed access over the Exploit forum in 2017 was known as “fxmsp” and is wanted by the FBI “for involvement in several high-profile incidents,” said Mark Arena, chief executive of cybercrime intelligence firm Intel471. Arena informed his company’s clients, which include U.S. law enforcement agencies.

Security researcher Vinoth Kumar told Reuters that, last year, he alerted the company that anyone could access SolarWinds’ update server by using the password “solarwinds123”.

“This could have been done by any attacker, easily,” Kumar said.

Written by: LoneRhody
